501013 A7 B7 PA890395.TWP - 3/15 五、發明說明(/ ) 【技術領域】 (請先閱讀背面之注意事項再填寫本頁) 本發明係關於一種高速保密器,特別是指一種可應用 於高度保護及高速運算憑證管理中心之高速保密器。 【先前技術】 5 在國際網際網路暢行的今日,各種資訊傳遞、交換幾 經濟部智慧財產局員工消費合作社印製 乎皆可經由網路來達成,使得網路安全問題日益重要。用 軟體的方式達成加密、訊息認證、使用者身份辨認及其它 密碼的功能是蠻有誘因的一件事,原因在於其設計上較為 簡單並可避免複雜的硬體介面及與週邊的通訊負荷。然 10 而,一個純軟體的解決方案係完全不具任何安全性,因其 對於内賊,幾乎完全無法具有安全之保證。以純軟體的方 式設計某些安全保密的機制時,在保密演算法則中扮演關 鍵角色的密鑰,一定在某些系統運作時期是以明碼形式存 在且可截取到的。某一些軟體方案的開發廠商宣稱它們的 15 產品可將密鑰以加密的型式達到完全安全的保護,就算用 於資料加解密的密鑰不是以明碼的形式儲存於磁碟中,只 要是軟體可以解密的,駭客也可以做到。所以駭客便有足 夠的線索得到那支密鑰,因此不論軟體廠商吹誇他們的程 式寫得多好,或強調他們用了什麼偉大的方法將密鑰加密 20 並保管在其它地方,均無法改變純軟體解決方案不安全的 事實。 由此可見,上述習用物品仍有諸多缺失,實非一良善 之設計者,而亟待加以改良。 本案發明人鑑於上述習用軟體保密機制所衍生的各項 本紙張尺度適用中國國家標準(CNS)A4規格(210 X 297公釐) 501013 A7 B7 PA890395.TWP-4/15 五、發明說明(Z) 缺點,乃亟思加以改良創新,並經多年苦心孤詣潛心研究 後,終於成功研發完成本件高速保密器。 (請先閱讀背面之注意事項再填寫本頁) 【發明目的】 本發明之目的即在於提供一種安全保密之硬體設備, 5 使其可提供儲存、運作多組金鑰及金鑰管理等功能之高速 保密器。 本發明之次一目的係在於提供一種具有主機與簽章安 控單元互相認證功能之高速保密器。 本發明之另一目的係在於提供一種可應用於需高度保 10 護、高速運算憑證管理中心及加密通信伺服器之高速保密 器。 本發明之又一目的係在於提供一種可配合電子公文、 電子商務等多項應用之高速保密器。 【技術内容】 15 可達成上述發明目的之高速保密器,包括有一控制器 經濟部智慧財產局員工消費合作社印製 模組、智慧型讀卡機模組、亂數產生器模組、數學運算器 模組、具有安全功能儲存和時鐘模組、防止金鑰竊取模 組、乙太數據通訊介面模組;藉上述各模組之構成,使其 可提供儲存、運作多組金鑰及供金鑰管理等功能,私密金 20 鑰以微控制單元做加密保護,而RSA金鑰長度可以有768、 1024、2048位元等多種選擇,防止擅改的開蓋金鑰銷毁的 功能,具有主機與簽章安控單元互相認證的功能,以提供 時間管理簽章安控單元啟動的自我檢查功能,可以做操作 者的鑑別,提供硬體金鑰分持功能。 -4- 本紙張尺度適用中國國家標準(CNS)A4規格(210 X 297公釐) 經濟部智慧財產局員工消費合作社印製 501013 A7 B7 PA890395.TWP - 5/15 五、發明說明(9) 【圖式簡單說明】 請參閱以下有關本發明一較佳實施例之詳細說明及其 附圖,將可進一步瞭解本發明之技術内容及其目的功效; 有關該實施例之附圖為: 5 圖一為本發明高速保密器之金鑰階層管理圖; 圖二為本發明高速保密器之硬體方塊圖; 圖三為本發明高速保密器之控制器模組架構圖; 圖四為本發明高速保密器之亂數產生器模組架構圖; 圖五為本發明高速保密器之數學運算器模組架構圖; 10 圖六為本發明高速保密器之具有安全儲存和時鐘模組 架構圖, 圖七為本發明高速保密器之防止金鑰被竊取模組架構 圖; 圖八為本發明高速保密器之GCA的CA伺服器系統架構 15 圖;以及 圖九為本發明高速保密器之GCA Root金鑰管理示意 圖。 【主要部分代表符號】 11主金鑰 12主加密金鍮 13工作加密金鑰 14 CA公開金鑰/私密金鑰 2控制器模組 21控制器 本紙張尺度適用中國國家標準(CNS)A4規格(210 X 297公釐) _1!!丨-41^--裝·丨丨 I- !_ 訂-!! — 丨 _ 〈請先閱讀背面之注意事項再填寫本頁) 501013 A7 gy PA890395.TWP - 6/15 五、發明說明(4〇 22雙埠記憶體 23重置電路 (請先閱讀背面之注意事項再填寫本頁) : 24系統解碼電路 25系統快閃記憶體 26系統動態記憶體 3亂數產生器模組 4智慧型讀卡機模組 5具有安全功能儲存和時鐘模組 51微處理器 52時鐘 經濟部智慧財產局員工消費合作社印製 53儲存記憶體保護電路 54輸入輸出介面 55儲存記憶體 6防止金鑰被竊取模組 7乙太數據通訊界面模組 8數學運算器模組 81數學運算器 82重置電路 83解碼電路 84快閃記憶體 85雙埠記憶體 91 C Α伺服器系統 92高速保密器 93指導委員會 -6- 本紙張尺度適用中國國家標準(CNS)A4規格(210 X 297公釐) 501013 A7 經濟部智慧財產局員工消費合作社印製 五、發明說明(f) .94營運管理分組 95 CA金鑰對保管人員 ; 96 RSA硬體 97 CA系統安控人員 【較佳實施例】 請參閱圖-所示,係本發明所提供之高速保密器之金 鑰階層官理圖,該金鑰階層(KeyHierarchy)管理主要分 成主金鑰11、主加岔金鑰12及工作加密金鑰13等三階層, 5其中,該主金鑰11係用來將主加密金鑰12及€八公開金鑰/ 私密金鑰14轉換成密碼,在Initializati〇n state時才作 Read/Write的動作,而且只有〇fficer有權限作界也6主金鑰u 及Remove主金鑰11 ;主加密金鑰丨2係用來encrypt工作力y密 金鑰13及Offices key、User,s key,在碰汕滅〇11贫細時才; Read/Write的動作,而且只有〇fficer有權限作Write工作加 密金鑰13及Remove工作加密金鑰丨3。 請參閱圖二所示,係本發明所提供之高速保密器之硬 體方塊圖,其主要係由一控制器模組2、智慧型讀卡機 (SmartCardReader)模組4、亂數產生器模組3、數學運算 器模組8、具有安全功能儲存和時鐘模組5、防止金输被^ 取(Tamper-proof key)模組6、乙太數據通訊界面模組7所組 成,而各模組織主要動作功能如下所述: -控制器模組2,其架構如圖三所示,該控制器模組】 主要包含有一控制器21、雙埠記憶體22、重置電路幻、系 統解碼電路24、系統快閃記憶體2 5及系統動態記憶體2 6 f -7- 10 15 20 Μ嫌尺度適用中_家標準(CNS)A4規格⑽x挪公釐) (請先閲讀背面之注意事項再填寫本頁)501013 A7 B7 PA890395.TWP-3/15 V. Description of the Invention (/) [Technical Field] (Please read the precautions on the back before filling out this page) The present invention relates to a high-speed security device, in particular, a high-speed security device that can be applied to High-speed security device with high protection and high-speed operation certificate management center. [Previous technology] 5 Today, with the smooth flow of the international Internet, various types of information transmission and exchange are printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs, which can be achieved through the Internet, making the issue of network security increasingly important. The use of software to achieve encryption, message authentication, user identification, and other password functions is one of the most motivating things. The reason is that it is simpler in design and avoids complex hardware interfaces and communication loads with surroundings. However, a software-only solution is completely insecure, as it is almost completely impossible to guarantee security for insiders. When designing certain security mechanisms in a pure software manner, the keys that play a key role in the security algorithm must exist and be intercepted in clear form during certain system operation periods. The developers of some software solutions claim that their 15 products can fully encrypt the keys in an encrypted form, even if the keys used for data encryption and decryption are not stored on the disk in clear form, as long as the software can Decrypted, hackers can do it too. So hackers have enough clues to get that key, so no matter how good the software vendors boast about how well their programs are written, or emphasize what great method they used to encrypt the key20 and store it elsewhere, it wo n’t work. Changing the fact that pure software solutions are not secure. It can be seen that there are still many shortcomings in the above-mentioned conventional articles. They are not a good designer and need to be improved. In view of the above-mentioned conventional software security mechanism, the inventors of this case apply the Chinese national standard (CNS) A4 specification (210 X 297 mm) 501013 A7 B7 PA890395.TWP-4 / 15 V. Description of the invention (Z) Disadvantages, after eager to improve and innovate, and after years of painstaking research, finally successfully developed this high-speed security device. (Please read the precautions on the back before filling this page) [Objective of the invention] The purpose of the present invention is to provide a secure and secure hardware device. 5 It can provide functions such as storage and operation of multiple sets of keys and key management. High-speed security device. A secondary object of the present invention is to provide a high-speed security device with a mutual authentication function between a host and a signature security control unit. Another object of the present invention is to provide a high-speed security device that can be applied to a highly secure, high-speed computing credential management center and an encrypted communication server. Another object of the present invention is to provide a high-speed security device that can cooperate with multiple applications such as electronic documents and e-commerce. [Technical content] 15 High-speed security devices that can achieve the above-mentioned inventions include a controller printed by the Intellectual Property Bureau of the Ministry of Economic Affairs, a consumer cooperative print module, a smart card reader module, a random number generator module, and a mathematical operator. Modules, storage and clock modules with security functions, modules to prevent key theft, and Ethernet data communication interface modules; by virtue of the composition of each of the above modules, it can provide storage and operation of multiple sets of keys and supply keys Management and other functions. The private key 20 key is encrypted and protected by the micro control unit, while the RSA key length can have multiple options such as 768, 1024, and 2048 bits. It can prevent unauthorized tampering with the key destruction function. The Zhang An control unit authenticates each other to provide time management. The self-check function initiated by the signature security control unit can be used to identify the operator and provide a hardware key sharing function. -4- This paper size applies to China National Standard (CNS) A4 (210 X 297 mm) Printed by Employee Consumer Cooperative of Intellectual Property Bureau of the Ministry of Economic Affairs 501013 A7 B7 PA890395.TWP-5/15 5. Description of Invention (9) [ Brief description of the drawings] Please refer to the following detailed description of a preferred embodiment of the present invention and the accompanying drawings to further understand the technical content of the present invention and its purpose and effect. The drawings related to this embodiment are: 5 FIG. 1 Figure 2 is a key hierarchy management diagram of the high-speed security device of the present invention; Figure 2 is a hardware block diagram of the high-speed security device of the present invention; Figure 3 is a structural diagram of the controller module of the high-speed security device of the present invention; Figure 4 is high-speed security of the present invention Fig. 5 is a block diagram of a mathematical operator module of the high-speed security device of the present invention; 10 Fig. 6 is a block diagram of the high-speed security device of the present invention with a secure storage and clock module, Fig. 7 Figure 8 is a block diagram of the high-speed security device of the present invention for preventing key theft; Figure 8 is a diagram of the CA server system architecture of the GCA of the high-speed security device of the present invention; and Figure 9 is a GCA R of the high-speed security device of the present invention. oot key management diagram. [Representative Symbols of Main Parts] 11 Master Key 12 Master Encryption Key 13 Working Encryption Key 14 CA Public Key / Private Key 2 Controller Module 21 Controller This paper size applies to China National Standard (CNS) A4 specifications ( 210 X 297 mm) _1 !! 丨 -41 ^-Packing · 丨 丨 ---_ Order- !! — 丨 _ 〈Please read the precautions on the back before filling this page) 501013 A7 gy PA890395.TWP- 6/15 V. Description of the invention (4022 dual-port memory 23 reset circuit (please read the precautions on the back before filling this page): 24 system decoding circuit 25 system flash memory 26 system dynamic memory 3 disorder Number generator module 4 Smart card reader module 5 With security function storage and clock module 51 Microprocessor 52 Clock Printed by the Ministry of Economic Affairs Intellectual Property Bureau Employee Consumer Cooperative 53 Storage memory protection circuit 54 Input and output interface 55 Storage Memory 6 Prevents key theft module 7 Ethernet data communication interface module 8 Mathematical operator module 81 Mathematical operator 82 Reset circuit 83 Decoding circuit 84 Flash memory 85 Dual-port memory 91 C Α server System 92 High-speed Security Device 93 Steering Committee-6- Paper size applies Chinese National Standard (CNS) A4 specification (210 X 297 mm) 501013 A7 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs. 5. Description of the invention (f) .94 Operations Management Group 95 CA key pairs for custodians; 96 RSA hardware 97 CA system security control personnel [preferred embodiment] Please refer to Figure-shown, it is the key hierarchy of the high-speed security device provided by the present invention, the key hierarchy management (KeyHierarchy) management is mainly divided into There are three levels of master key 11, master plus key 12 and work encryption key 13. Among them, the master key 11 is used to convert the master encryption key 12 and the public key / private key 14. Into a password, only Read / Write in the InitializatiOn state, and only Officer has the authority to do the 6 master key u and Remove master key 11; the master encryption key 2 is used to encrypt the work force The y secret key 13 and the Offices key, User, and s key are only used when the details are eliminated. The Read / Write action, and only Officer is authorized to write Write encryption key 13 and Remove work encryption key.丨 3. Please refer to FIG. 2, which is provided by the present invention. The hardware block diagram of the high-speed security device is mainly composed of a controller module 2, a smart card reader module (SmartCardReader) module 4, a random number generator module 3, a mathematical operator module 8, and security. Function storage and clock module 5, Tamper-proof key module 6, Ethernet data communication interface module 7, and the main functions of each module organization are as follows:-Controller module Group 2, whose architecture is shown in Figure 3. The controller module] includes a controller 21, dual-port memory 22, reset circuit, system decoding circuit 24, system flash memory 25, and system dynamics. Memory 2 6 f -7- 10 15 20 Μ Applicable standards _ Home Standard (CNS) A4 size ⑽ x mm) (Please read the precautions on the back before filling this page)
·丨丨! !訂-_ ί _ 丨 I 501013 PA890395.TWP - 8/15 A7 B7 五、發明說明(6) 其係利用 ARM 7 TDMI RISC 處理器、之 CPU Micro Code,40 MIPS之峰值性能表現,快速執行系統資料存取控制的動 作’内建之乙太網路(Ethernet)整合 10/100 Megabit per Second MAC控制器,及可以提供網路介接的介面,以提供大量 5且快速的加解密數學運算資料至記憶體,或將數學運算器 模組8產生之金鑰資料傳送至伺服器端;提供智慧卡界 面’透過RS-232連接智慧型讀卡機模組4,使金鑰自智慧 卡内讀出後直接傳入數學運算器模組8内部進行運算,不 會曝露於PC之記憶體及硬碟中。而其主要功能為: 10 1·處理呼叫數學運算器模組8執行安全保密模組包含 RSA、Triple DES、RC6,ECC、Diffie-Hellman、DSA、SHA-1 質數產生等; 2·提供10 Channel DMA控制器,負責處理乙太網路收 發資料; 15 3·管理系統記憶體等資源; 4 ·掌控處理金鑰資料流程與具有安全功能儲存和時鐘 模組5 ; 5·控制智慧型讀卡機模組4 ; 6.控制亂數產生器模組3產生亂數。 20 一智慧型讀卡機模組4,該讀卡機係符合ISO-7816並附 有鍵盤,透過RS-232連接控制器模組2,可由此做金鑰分 持備份及使用者安全控管。 一亂數產生器模組3,其架構如圖四所示,係提供· 丨 丨! !! Order-_ ί _ I 501013 PA890395.TWP-8/15 A7 B7 V. Description of the invention (6) It uses the ARM 7 TDMI RISC processor, CPU Micro Code, peak performance of 40 MIPS, and quickly executes system data Action of access control 'Built-in Ethernet integrates 10/100 Megabit per Second MAC controller, and can provide network interface interface to provide a large amount of 5 and fast encryption and decryption math operation data to Memory, or send the key data generated by the math operator module 8 to the server; provide a smart card interface 'to connect the smart card reader module 4 via RS-232, so that the key can be read from the smart card It is then directly transferred into the mathematical calculator module 8 for internal calculations, and will not be exposed to the memory and hard disk of the PC. And its main functions are: 10 1 · Processing call math operator module 8 Execution of security and security modules including RSA, Triple DES, RC6, ECC, Diffie-Hellman, DSA, SHA-1 prime number generation, etc .; 2 · Providing 10 Channels DMA controller, which is responsible for processing data sent and received on the Ethernet; 15 3 · Manages system memory and other resources; 4 · Controls the process of processing key data and has storage and clock modules with security functions 5; 5 · Controls smart card readers Module 4; 6. Control random number generator Module 3 generates random numbers. 20 A smart card reader module 4, the card reader is ISO-7816-compliant and has a keyboard. It is connected to the controller module 2 through RS-232, which can be used for key share backup and user security control. . A random number generator module 3, whose architecture is shown in Figure 4, is provided
White Noise-based hardware RNG 之 Random numbers 且以 Johnson 本紙張尺度_中國國家標準(CNS)A4規格(210 X 297公爱) ----———裝—-----訂-----— (請先閱讀背面之注意事項再填寫本頁) 經濟部智慧財產局員工消費合作社印製 經濟部智慧財產局員工消費合作社印製 501013 Α7 ____ Β7 PA890395.TWP - 9/15 五、發明説明(7)Random numbers of White Noise-based hardware RNG and Johnson's paper size_China National Standard (CNS) A4 Specification (210 X 297 Public Love) ----———— Installation —----- Order ---- -— (Please read the notes on the back before filling out this page) Printed by the Employees 'Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs Printed by the Employees' Cooperatives of the Ministry of Economics and Intellectual Property Bureau Printed by the Employees ’Cooperatives 501310 Α7 ____ Β7 PA890395.TWP-9/15 5. Description of the Invention (7)
Noise phenomenon 產生 Random numbers,操作速度達到 20,000 bits/sec,不需要seed value,且與TTL I/O訊號相容。 一數學運算器模組,其架構如圖五所示,主要架構包 含一數學運算器81、重置電路82、解碼電路83、快閃記憶 5 體84及雙埠記憶體85 ;其係負責執行包含RSA、Triple DES、RC6、ECC、Diffie_Hellman、DSA、SHA-1 質數產生等 安全保密模組; 其中,該加速RSA運算的密碼原理係採: (1)蒙哥馬利演算法(Montgomery Algorithm):Noise phenomenon generates random numbers, the operation speed reaches 20,000 bits / sec, no seed value is needed, and it is compatible with TTL I / O signals. A mathematical operator module, whose structure is shown in Figure 5. The main architecture includes a mathematical operator 81, a reset circuit 82, a decoding circuit 83, a flash memory 5 body 84, and a dual-port memory 85; it is responsible for execution Contains RSA, Triple DES, RC6, ECC, Diffie_Hellman, DSA, SHA-1 prime number generation and other security modules; Among them, the cryptographic principle for accelerating RSA operation adopts: (1) Montgomery Algorithm:
10 設N和R為互質整數,令N’=-N4 mod R 則對所有整數T,( T + MN )/R是一整數並滿足下列式 子:10 Let N and R be coprime integers, and let N ’=-N4 mod R then for all integers T, (T + MN) / R be an integer and satisfy the following formula:
(T + MR)/R = TR-1 modN 其中 Μ=ΊΚ mod R 15 (2)中國餘數定理(Chinese Remainder Theorem): 設r和s為互質整數,並設a和b為任意整數,則會有一 整數N滿足下列式子: N = a mod r 和 20 N = b mod s 用於RSA解密或簽章時根據中國餘數定理; 設C為加密後之密文,p、q為私密金鑰之質數,Ke為 公開金鑰之指數部分(Publ ic exponent)。根據中國 餘數定理做以下之運算可以得到明文Μ : -9 _ 本紙張尺度適用中國國家標準(CNS ) A4規格(21〇X297公釐) I:---^-----------訂-----^ 線 (請先閲讀背面之注意事項再填寫本頁) 501013 A7 B7 PA890395.TWP - 10/15 經濟部智慧財產局員工消費合作社印製 五、發明説明(》) 1. C! = C mod p 2. C2 = C mod q Im^qKdPmodp 4. m2 = C2Kdq mod q 5 5.M=[((m2+q-m1)A) mod q ] p + ni! 其中p〈q KdpKe=lmod(p-l) Kdq Ke = 1 mod (q-1) A p = 1 mod q o 10 一具有安全功能儲存和時鐘模組,該模組主要係負責 秘密金鑰安全儲存,以確保資料不會被竊取;其架構如圖 六所示,主要架構包含微處理器51、時鐘52、儲存記憶體 55、儲存記憶體保護電路53及輸入輸出介面54 ;其中,該 讀取或寫入資料均須藉由數位訊號處理器與模組中之微處 15 理器51特殊協定來達成,使得防止金鑰被竊取模組6將信 號送至數位訊號處理器時,即會通知模組中之微處理器51 做清除動作,以達到金鑰不被竊取之功能。而時鐘52可於 進行電子簽章時自動加入時間戳印(Time stamping)及系統時 間管理。 20 一防止金鑰被竊取(Tamper-proof key)模組6,本模組為 一組感應電路61、一個充電電路62、清除金鑰電路63及備 用電池模組所組成,其架構如圖七所示,俾當有人想竊取 私密金鑰時,該感應電路61即會觸發,並立即將感應信號 送至具有安全功能secure key storage模組,該具有安全功能 -10- (請先閲讀背面之注意事 4 項再填· 裝— :寫本頁)(T + MR) / R = TR-1 modN where M = ΊΚ mod R 15 (2) Chinese Remainder Theorem: Let r and s be coprime integers, and let a and b be arbitrary integers, then There will be an integer N that satisfies the following formula: N = a mod r and 20 N = b mod s according to the Chinese remainder theorem when used for RSA decryption or signature; Let C be the encrypted ciphertext, and p and q the private key For prime numbers, Ke is the exponent of the public key. According to the Chinese remainder theorem, the following operation can be obtained to obtain the plain text M: -9 _ This paper size applies the Chinese National Standard (CNS) A4 specification (21 × 297 mm) I: --- ^ --------- --Order ----- ^ line (please read the precautions on the back before filling this page) 501013 A7 B7 PA890395.TWP-10/15 Printed by the Consumers ’Cooperative of Intellectual Property Bureau of the Ministry of Economic Affairs 1. C! = C mod p 2. C2 = C mod q Im ^ qKdPmodp 4. m2 = C2Kdq mod q 5 5.M = [((m2 + q-m1) A) mod q] p + ni! Where p <Q KdpKe = lmod (pl) Kdq Ke = 1 mod (q-1) A p = 1 mod qo 10 A storage and clock module with security functions, the module is mainly responsible for the secure storage of secret keys to ensure data It will not be stolen; its architecture is shown in Figure 6. The main architecture includes a microprocessor 51, a clock 52, a storage memory 55, a storage memory protection circuit 53, and an input / output interface 54. Among them, the read or write data Both must be achieved through the special agreement between the digital signal processor and the microprocessor 51 in the module, so that when the key is prevented from being stolen, the module 6 sends the signal to the digital signal processor. In the known module microprocessor 51 to do cleanup actions to achieve the key is not stolen function. The clock 52 can automatically add time stamping and system time management when performing electronic signature. 20 A Tamper-proof key module 6. This module is composed of a set of induction circuit 61, a charging circuit 62, a clear key circuit 63, and a backup battery module. Its structure is shown in Figure 7. As shown, when someone wants to steal the private key, the induction circuit 61 will trigger and immediately send the induction signal to a secure key storage module with a security function, which has a security function-10- (Please read the note on the back first 4 items to refill and install —: write this page)
、1T 本紙張尺度適用中國國家標準(CNS ) Α4規格(210X 297公釐) 501013 A7 B7 PA890395.TWP - 11/15 經濟部智慧財產局員工消費合作社印製 五、發明說明(f) secure key storage模組中之微處理器即會做清除secure key storage中的key動作;而此時若無外接電源,備用電池便會 '供應所需此清除secure key storage動作所需的電力。防止金 输被竊取模組電路有下列6種· 5 1 .Micro Switch ; 2. Case 繞線; 3. 光學感測器; 4. 震動感測器; 5. 近接開關; 10 6.塗料保護。 一乙太數據通訊界面模組7,本模組之硬體部分 Ethernet PHY 1C,係用以提供乙太數據通訊界面,而模組 的軟體部份則是由控制器模組2提供10 Channel DMA控制 器,負責處理乙太網路收發資料。 15 再者,針對保密器初始狀態金鑰流程作一說明,該保 密器係提供金鑰管理功能,第一次使用時需做起始化的動 作,方能安全的管理金鑰;而其流程如下: 1·硬體安裝起始化流程: a.進入起始狀態; 20 b.產生回復金鑰(recovery key); c·產生一新的主金鍮(local master key); d·用回復金鑰加密新的主金鑰,並將此密文輸出; e·產生主加密金鑰(master key encryption key)用以保護 女全控管金鎗(Security Officer key); -11 - (請先閱讀背面之注意事項再填寫本頁) Γ-裝 ----訂------— 本紙張尺度適用中國國家標準(CNS)A4規格(210 X 297公麓) 501013 PA890395.TWP - 12/15 Α7 Β7 五、發明説明(/σ) f·將主加密金输的金输分持資料寫入1C卡内; g·產生安全控管人員金鑰(Security Officer key); h.用主加密金鑰加密安全控管人員金鑰,並將此密 文輸出; 5 i·設定安全控管人員金鑰; j.進入操作狀態; 2. 產生使用者金鑰流程: a.產生或輸入工作加密金输(working encryption key); b·將工作加密金鑰寫入1C卡内; 10 c·產生或輸入使用者金鑰; 丄將使用者金鑰的金鑰分持資料寫入1C卡内; 3. 使用金鑰流程: a. 載入金输; b. 執行密碼功能動作; 15 4.保密通訊流程: 高速保密器擁有自己的認證金鑰,在每次呼叫時必先 通過與呼叫之主機互相認證無誤後才執行RSA簽章、RSA 加解密及RSA私密金鑰寫入等保密運算及相關功能。以下 描述步驟過程: 20 定義: SA:高速保密器A。、 1T This paper size applies the Chinese National Standard (CNS) A4 specification (210X 297 mm) 501013 A7 B7 PA890395.TWP-11/15 Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs 5. Description of the invention (f) Secure key storage The microprocessor in the module will clear the key in the secure key storage. If there is no external power supply at this time, the backup battery will 'supply the power required to clear the secure key storage. There are 6 types of module circuits to prevent theft of gold. 5 1. Micro Switch; 2. Case winding; 3. Optical sensor; 4. Vibration sensor; 5. Proximity switch; 10 6. Coating protection. An Ethernet data communication interface module 7, the hardware part of the module, Ethernet PHY 1C, is used to provide the Ethernet data communication interface, and the software part of the module is provided by the controller module 2 10 Channel DMA The controller is responsible for processing the data sent and received by the Ethernet. 15 Furthermore, the key flow of the initial state of the security device will be explained. The security device provides the key management function. The initial operation is required to manage the key securely when it is used for the first time. As follows: 1. The hardware installation initialization process: a. Enter the initial state; 20 b. Generate a recovery key; c. Generate a new local master key; d. Use a recovery The key encrypts the new master key and outputs the ciphertext; e. Generate a master key encryption key to protect the female security officer key; -11-(please first Read the notes on the reverse side and fill in this page) Γ-Binding ---- Order ------------ This paper size is applicable to China National Standard (CNS) A4 (210 X 297 foot) 501013 PA890395.TWP-12 / 15 Α7 Β7 V. Description of the invention (/ σ) f · Write the gold loss holding data of the main encrypted gold loss into the 1C card; g · Generate the Security Officer key; h. Use the master The encryption key encrypts the security controller key and outputs the ciphertext; 5 i · Set the security controller key; j. Enter the operation State; 2. Generate user key process: a. Generate or enter working encryption key; b. Write working encryption key into 1C card; 10 c. Generate or enter user key;丄 Write the key share information of the user key into the 1C card; 3. Use the key flow: a. Load the gold loss; b. Perform the password function action; 15 4. Confidential communication flow: High-speed confidential device ownership For each authentication key, it must first perform RSA signature, RSA encryption and decryption, and RSA private key writing and other related functions after mutual authentication with the calling host. The following describes the steps: 20 Definition: SA: High-speed Security Device A.
KeyA滿速保密器A的高速保密器認證金鑰。 HA:呼叫高速保密器A的主機(可為UNIX或Windows NT 伺服器)A 〇 12- 本紙張尺度適用中國國家標準(CNS ) A4規格(210X297公釐) 丨 ^---^----裝-------訂-----線 (請先閲讀背面之注意事項再填寫本頁) 經濟部智慧財產局員工消費合作社印製 501013 A7 PA890395.TWP - 13/15 B7 五、發明說明(// ) C=DES(P,Key):資料加密演算法。對明文p以金鑰Key加 密,得密文C。 (請先閱讀背面之注意事項再填寫本頁) 5.呼叫流程: a·針對某次呼叫,呼叫高速保密器a的主機以亂數產 5 生器產生一亂數稱為HP送給高速保密器A ; b·高速保密器A用認證金匙KeyA加密HP ; CA1=DES(HP,KeyA)送回給呼叫高速保密器A的主 機; c.呼叫高速保密器A的主機同時亦用認證金匙KeyA加 10密HP產生CA2=DES(HP,KeyA)並比較cA1與CA2是否相同, 若相同才繼續下面動作; d·高速保密器A以亂數產生器產生一亂數稱為SP送給 呼叫高速保密器A的主機; e·呼叫高速保密器A的主機用認證金匙KeyA加密SP, 15 CH1=DES(SP,KeyA)送回給高速保密器A ; f·高速保密器A同時亦用認證金匙KeyA加密SP產生 〇η2=ΒΕ8(8Ρ,KeyA)並比較(^⑴與CH2是否相同’若相同才繼 續下面動作。 經濟部智慧財產局員工消費合作社印製 g·執行RSA簽章、RSA加解密或RSA私密金鑰寫入等 20 保密運算。 另請參閱圖八所示,係本發明之最佳實施例,本發明 最直接的應用是研考會委託中華電信研發的中華民國政府 憑證管理中心(Government Certification Authority,GCA)簡稱 GCA的CA伺服器系統91上,CA的簽章秘密金鑰係存放於 -13- 本紙張尺度適用中國國家標準(CNS)A4規格(210 X 297公釐) 501013 A7 B7 PA890395.TWP - 14/15 經濟部智慧財產局員工消費合作社印製 五、發明說明(/1) 本發明之高速保密器92中,以保障CA的安全性。GCA已經 成功的完成網路報稅及電子公路監理網站等應用。 : 並請參閱圖九所示,戲本發明之GCARoot金鑰管理的 示意圖,其主要係由指導委員會93 (研考會、電信總局、 5中華電信公司)授權CA金鑰對保管人員95,該CA金鑰對 保管人員95即會將CA金鑰存入RSA硬體96中,並簽發憑證 至CA系統安控人員97中,使CA系統安控人員97可進行金 鑰之管理;或者,該指導委員會93亦可直接授權營運管理 分組94 (中華電信數據分公司),再由營運管理分組94授 10 權CA系統安控人員97進行金鑰之管理。 【特點及功效】 本發明所提供之高速保密器,與其他習用技術相互比 較時,更具有下列之優點: 1. 本發明係以一種硬體安全保密設備來取代以軟體方 15 式進行密鑰之加密,使其具有儲存及運作多組金鑰以及金 鑰管理之功效。 2. 本發明之RSA金鑰長度可為768、1024及2048位元之 多種選擇,使其具有防止擅改的開蓋金鑰銷毀功能。 3. 本發明具有主機與簽章安控單元互相認證的功能, 20 並内含時鐘,以提供時間管理簽章安控單元啟動自我檢查 功能。 4. 本發明可提供硬體金鑰分持功能,使其可應用於需 高度保護及高速運算之憑證管理中心或加解密通信伺服器 上。 -14- (請先閱讀背面之注意事項再填寫本頁) Γ-裝 ----訂-------- 本紙張尺度適用中國國家標準(CNS)A4規格(210 X 297公釐) 501013 A7 B7 PA890395.TWP - 15/15 五、發明說明(/;) 上列詳細說明係針對本發明之一可行實施例之具體說 明,惟該實施例並非用以限制本發明之專利範圍,凡未脫 離本發明技藝精神所為之等效實施或變更,均應包含於本 案之專利範圍中。 5 綜上所述,本案不但在技術思想上確屬創新,並能較 習用物品增進上述多項功效,應已充分符合新穎性及進步 性之法定發明專利要件,爰依法提出申請,懇請貴局核 准本件發明專利申請案,以勵發明,至感德便。 (請先閱讀背面之注意事項再填寫本頁) 裝 ' 經濟部智慧財產局員工消費合作社印製 -15- 本紙張尺度適用中國國家標準(CNS)A4規格(210 X 297公釐)KeyA Full-speed secret A A high-speed secret authentication key. HA: Host calling high-speed security device A (can be UNIX or Windows NT server) A 〇12- This paper size applies to China National Standard (CNS) A4 specification (210X297 mm) 丨 ^ --- ^ ---- Packing ------- order ----- line (please read the precautions on the back before filling this page) Printed by Employee Consumption Cooperative of Intellectual Property Bureau of the Ministry of Economic Affairs 501013 A7 PA890395.TWP-13/15 B7 V. DESCRIPTION OF THE INVENTION (//) C = DES (P, Key): data encryption algorithm. The plaintext p is encrypted with the key Key to obtain the ciphertext C. (Please read the precautions on the back before filling this page) 5. Call flow: a. For a certain call, the host calling the high-speed security device a generates random numbers with 5 random generators, which is called HP to give high-speed security Device A; b. The high-speed security device A encrypts HP with the authentication key KeyA; CA1 = DES (HP, KeyA) is sent back to the host calling the high-speed security device A; c. The host calling the high-speed security device A also uses the authentication money KeyA adds 10 secrets and HP generates CA2 = DES (HP, KeyA) and compares whether cA1 and CA2 are the same. If they are the same, continue with the following actions; d. The high-speed security device A generates a random number with a random number generator called SP and sends it to Call the host of the high-speed security device A; e. The host calling the high-speed security device A encrypts the SP with the authentication key KeyA, 15 CH1 = DES (SP, KeyA) and sends it back to the high-speed security device A; f. The high-speed security device A also Use the authentication key KeyA to encrypt the SP to generate 〇η2 = ΒΕ8 (8P, KeyA) and compare (^ ⑴ and CH2 are the same. If they are the same, continue with the following action. Printed by the Consumer Cooperative of the Intellectual Property Bureau of the Ministry of Economic Affairs g. Execute the RSA seal , RSA encryption and decryption, or RSA private key writing. 20 See also Figure 8. This is the preferred embodiment of the present invention. The most direct application of the present invention is the CA server system 91 of the Government of the Republic of China Government Certification Authority (GCA), which is commissioned by the China Telecom Research and Development Institute, and is signed by the CA. Chapter Secret Key System is stored at -13- This paper size applies to Chinese National Standard (CNS) A4 (210 X 297 mm) 501013 A7 B7 PA890395.TWP-14/15 Printed by the Employees' Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs Explanation of the invention (/ 1) In the high-speed security device 92 of the present invention, to ensure the security of the CA. GCA has successfully completed applications such as online tax filing and electronic highway supervision websites .: Please refer to Figure 9 for a playbook Schematic diagram of the invented GCARoot key management, which is mainly authorized by the Steering Committee 93 (Research Institute, General Administration of Telecommunications, 5 Chunghwa Telecom) to the CA key pair custodian 95, and the CA key pair custodian 95 will transfer the CA The key is stored in the RSA hardware 96, and the certificate is issued to the CA system security controller 97, so that the CA system security controller 97 can manage the key; or, the steering committee 93 can also directly authorize The operation management group 94 (China Telecom Data Branch), and then the operation management group 94 grants 10 CA system security control personnel 97 to manage the keys. [Features and effects] The high-speed security device provided by the present invention and other conventional applications When the technologies are compared with each other, they have the following advantages: 1. The present invention replaces the encryption of the key in software 15 with a hardware security device, which enables it to store and operate multiple sets of keys and key management. Effect. 2. The RSA key length of the present invention can be selected in multiples of 768, 1024, and 2048 bits, so that it has the function of preventing unauthorized opening of the key from destruction. 3. The present invention has the function of mutual authentication between the host and the signature security control unit, and includes a clock to provide the time management signature security control unit to initiate a self-check function. 4. The present invention can provide a hardware key sharing function, which can be applied to a certificate management center or a encryption and decryption communication server that requires high protection and high-speed operation. -14- (Please read the precautions on the back before filling this page) Γ-Binding ---- Order -------- This paper size applies to China National Standard (CNS) A4 (210 X 297 mm) ) 501013 A7 B7 PA890395.TWP-15/15 V. Description of the Invention (/;) The detailed description above is a specific description of a feasible embodiment of the present invention, but this embodiment is not intended to limit the scope of the patent of the present invention. Any equivalent implementation or change that does not depart from the technical spirit of the present invention should be included in the patent scope of this case. 5 In summary, this case is not only technically innovative, but also enhances the above-mentioned multiple effects over conventional items. It should have fully met the requirements for novel and progressive statutory invention patents, and applied in accordance with the law. This invention patent application is designed to encourage inventions, and it is a matter of virtue. (Please read the precautions on the back before filling out this page) Pack '' Printed by the Consumer Cooperatives of the Intellectual Property Bureau of the Ministry of Economic Affairs -15- This paper size applies to China National Standard (CNS) A4 (210 X 297 mm)