TWI691896B - Microcontroller, decryption method for microcontroller and decryption system - Google Patents

Microcontroller, decryption method for microcontroller and decryption system Download PDF

Info

Publication number: TWI691896B
Authority: TW (Taiwan)
Prior art keywords: volatile memory, microcontroller, encrypted data, decryption, controller
Application number: TW107147571A
Other languages: Chinese (zh)
Other versions: TW202026866A (en)
Inventor: 涂結盛
Original Assignee: 新唐科技股份有限公司
Application filed by: 新唐科技股份有限公司
Priority to TW107147571A (TWI691896B)
Priority to CN201911364351.XA (CN111382426A)
Application granted
Publication of TWI691896B
Publication of TW202026866A

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/71 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Mathematical Physics (AREA)
  • Storage Device Security (AREA)
  • Microcomputers (AREA)

Abstract

A microcontroller is provided in the invention. The microcontroller comprises a controller, a first non-volatile memory, a volatile memory, a second non-volatile memory, and a processor. The controller obtains a decryption program and encrypted data from a programming device through a communication interface. The first non-volatile memory is coupled to the controller and receives the decryption program. The volatile memory is coupled to the controller and receives the encrypted data. The second non-volatile memory stores the decrypted data. The processor is coupled to the first non-volatile memory, the volatile memory and the second non-volatile memory, and generates the decrypted data according to the decryption program and the encrypted data.

Description

Microcontroller, microcontroller decryption method and decryption system

This specification relates generally to microcontroller decryption technology, and in particular to a microcontroller decryption technology in which decryption data downloaded to the microcontroller in advance is used to decrypt encrypted data that is to be programmed into the microcontroller.

Traditionally, when a programming device is used to program a microcontroller (or single-chip device), the programming device encrypts the data to be programmed into the microcontroller so that the source code cannot be captured by eavesdropping while the data is in transit. The data is then decrypted inside the microcontroller.

However, because of hardware limitations in some microcontrollers (for example, 8051 microcontrollers), a decryption program supplied in advance by the programming device cannot be executed by the processor directly from the random access memory (RAM) of these microcontrollers. If the programming device therefore sends unencrypted data directly to these microcontrollers, the security of the data is affected.

In view of the above problems of the prior art, the invention provides a microcontroller decryption technology, and in particular a microcontroller, a microcontroller decryption method and a decryption system in which decryption data downloaded to the microcontroller in advance is used to decrypt encrypted data that is to be programmed into the microcontroller.

According to one embodiment of the invention, a microcontroller is provided. The microcontroller includes a controller, a first non-volatile memory, a volatile memory, a second non-volatile memory, and a processor. The controller obtains a decryption program and encrypted data from a programming device through a communication interface. The first non-volatile memory is coupled to the controller and stores the decryption program. The volatile memory is coupled to the controller and stores the encrypted data. The second non-volatile memory stores decrypted data. The processor is coupled to the first non-volatile memory, the second non-volatile memory and the volatile memory, and decrypts the encrypted data according to the decryption program to generate the decrypted data.

In some embodiments, the controller halts the processor before storing the obtained encrypted data in the volatile memory. After the encrypted data has been stored in the volatile memory, the controller starts the processor again. Once started, the processor obtains the decryption program from the first non-volatile memory and the encrypted data from the volatile memory, decrypts the encrypted data according to the decryption program to generate the decrypted data, and stores the decrypted data in the second non-volatile memory.

According to one embodiment of the invention, a microcontroller decryption method is provided. The method applies to a microcontroller and includes the following steps: obtaining a decryption program from a programming device through a communication interface; storing the decryption program in a first non-volatile memory of the microcontroller; obtaining encrypted data from the programming device through the communication interface; storing the encrypted data in a volatile memory of the microcontroller; decrypting the encrypted data according to the decryption program, by a processor of the microcontroller, to generate decrypted data; and storing the decrypted data in a second non-volatile memory of the microcontroller.

According to one embodiment of the invention, a decryption system is provided. The decryption system includes a programming device and a microcontroller. The microcontroller includes a controller, a first non-volatile memory, a volatile memory, a second non-volatile memory, and a processor. The controller obtains a decryption program and encrypted data from a programming device through a communication interface. The first non-volatile memory is coupled to the controller and stores the decryption program. The volatile memory is coupled to the controller and stores the encrypted data. The second non-volatile memory stores decrypted data. The processor is coupled to the first non-volatile memory, the second non-volatile memory and the volatile memory, and decrypts the encrypted data according to the decryption program to generate the decrypted data.

As for other additional features and advantages of the invention, those skilled in the art may obtain them, without departing from the spirit and scope of the invention, by making minor changes and refinements to the microcontroller, microcontroller decryption method and decryption system disclosed in the embodiments of this application.

This section describes the preferred mode of carrying out the invention. Its purpose is to illustrate the spirit of the invention, not to limit its scope of protection, which is defined by the appended claims.

FIG. 1 is a block diagram of a decryption system according to an embodiment of the invention. As shown in FIG. 1, the decryption system may include a microcontroller (MCU) 100 and a programming device 300. The programming device 300 may be coupled to the microcontroller 100 through a communication interface 200. According to an embodiment of the invention, the microcontroller 100 may be an 8051 microcontroller (single-chip device). According to an embodiment of the invention, the communication interface 200 may be a Serial Wire Debug (SWD) interface, and both the microcontroller 100 and the programming device 300 support transmission over the communication interface 200.

As shown in FIG. 1, the microcontroller 100 may include a controller 110, a first non-volatile memory 120, a second non-volatile memory 130, a volatile memory 140, and a processor 150. Note that the block diagram of FIG. 1 is provided only to make the embodiments easier to describe; the invention is not limited to it, and the microcontroller 100 may also include other components.

As shown in FIG. 1, the controller 110 is coupled to the first non-volatile memory 120, the volatile memory 140 and the processor 150. The processor 150 is coupled to the first non-volatile memory 120, the second non-volatile memory 130 and the volatile memory 140.

According to an embodiment of the invention, the first non-volatile memory 120 may be a flash memory or a read-only memory (ROM), but the invention is not limited to these. According to an embodiment of the invention, the first non-volatile memory 120 may store a boot program. When the microcontroller 100 is to be started (powered on), the boot program is executed to start the microcontroller 100. The first non-volatile memory 120 may also store the decryption program supplied in advance by the programming device 300, which can be used to decrypt the encrypted data supplied by the programming device 300. In the embodiments of the invention, the programming device 300 may store the data to be programmed into the microcontroller 100. Before sending that data to the microcontroller 100, the programming device 300 first encrypts it to generate the encrypted data.

According to an embodiment of the invention, the decryption program may include date and time information, identification (ID) information of the programming device 300, and key information. In addition, according to an embodiment of the invention, the information contained in the decryption program is arranged in a random order, so the decryption program obtained by the microcontroller 100 is different every time. Decryption programs supplied by different programming devices also differ.

According to an embodiment of the invention, the second non-volatile memory 130 may be a flash memory or a read-only memory (ROM), but the invention is not limited to these. According to an embodiment of the invention, the storage capacity of the first non-volatile memory 120 is smaller than that of the second non-volatile memory 130. According to an embodiment of the invention, the second non-volatile memory 130 may store the data obtained by decrypting the encrypted data.

According to an embodiment of the invention, the volatile memory 140 may be a static random access memory (SRAM), but the invention is not limited to this. According to an embodiment of the invention, the volatile memory 140 may store the encrypted data supplied by the programming device 300. The encrypted data is generated by the programming device 300 encrypting the data to be programmed into the microcontroller 100.

According to an embodiment of the invention, when data (that is, the encrypted data) is to be programmed into the microcontroller 100 to update its firmware, the programming device 300 first sends a decryption program (or an updated decryption program) to the controller 110 of the microcontroller 100 through the communication interface 200. The controller 110 then stores the decryption program in the first non-volatile memory 120, for use when the microcontroller 100 later decrypts the encrypted data.

After the decryption program has been stored in the first non-volatile memory 120, the microcontroller 100 is started (powered on). When the microcontroller 100 starts, the boot program stored in the first non-volatile memory 120 is executed to complete the initialization required at power-on.

After the microcontroller 100 has started, the controller 110 first halts the processor 150 and obtains from the programming device 300, through the communication interface 200, the encrypted data that the programming device 300 has encrypted (that is, the data to be programmed into the microcontroller 100). The controller 110 stores the obtained encrypted data in the volatile memory 140. After the controller 110 has stored the encrypted data in the volatile memory 140, the processor 150 is started again. Once started, the processor 150 obtains the decryption program from the first non-volatile memory 120 and the encrypted data from the volatile memory 140. The processor 150 then decrypts the encrypted data according to the decryption program and programs the decrypted data into the second non-volatile memory 130, updating the data previously stored there (that is, updating the firmware of the microcontroller 100).

FIG. 2 is a flowchart of a microcontroller decryption method according to an embodiment of the invention. The method applies to the microcontroller 100. As shown in FIG. 2, in step S210 the microcontroller 100 obtains a decryption program from a programming device through a communication interface. In step S220, the decryption program is stored in a first non-volatile memory of the microcontroller 100. In step S230, the microcontroller 100 is started (powered on) via the first non-volatile memory. In step S240, a controller of the microcontroller 100 first halts the processor of the microcontroller 100. In step S250, the microcontroller 100 obtains encrypted data from the programming device through the communication interface. In step S260, the encrypted data is stored in a volatile memory of the microcontroller 100.

In step S270, the processor of the microcontroller 100 is started and obtains the decryption program from the first non-volatile memory and the encrypted data from the volatile memory. In step S280, the processor of the microcontroller 100 decrypts the encrypted data according to the decryption program to generate decrypted data, and stores (programs) the decrypted data in a second non-volatile memory of the microcontroller 100. In step S290, the controller of the microcontroller 100 determines whether there is more data to be programmed into the microcontroller 100 (the second non-volatile memory). If there is, the microcontroller 100 repeats steps S240 to S290.
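The flow of FIG. 2 (steps S210 to S290) can be followed in a small host-side C model. This is an added example, not code from the patent or its assignee; the cipher (a keyed XOR stream, not secure), the chunk and memory sizes, and all function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define SRAM_SIZE 16u /* volatile memory 140 holds one encrypted chunk */
#define NVM2_SIZE 64u /* second non-volatile memory 130 (decrypted firmware) */

/* Stand-in for the decryption program: the page names no cipher, so a keyed
 * XOR stream is assumed here. It is NOT a secure cipher. XOR is its own
 * inverse, so the programming device uses the same routine to encrypt. */
typedef void (*decrypt_fn)(const uint8_t *in, uint8_t *out, size_t n,
                           const uint8_t key[4], size_t offset);

static void xor_stream(const uint8_t *in, uint8_t *out, size_t n,
                       const uint8_t key[4], size_t offset)
{
    for (size_t i = 0; i < n; i++) {
        size_t pos = offset + i;
        out[i] = (uint8_t)(in[i] ^ key[pos & 3u] ^ (uint8_t)(pos * 31u));
    }
}

typedef struct {
    decrypt_fn nvm1_program; /* first non-volatile memory 120 */
    uint8_t nvm1_key[4];     /* key information shipped with the program */
    uint8_t sram[SRAM_SIZE];
    size_t sram_len;
    uint8_t nvm2[NVM2_SIZE];
    size_t nvm2_len;
    int cpu_halted;          /* processor 150, as driven by controller 110 */
} mcu_t;

/* S210-S230: controller stores the decryption program, then the MCU boots. */
static void ctrl_store_program(mcu_t *m, decrypt_fn fn, const uint8_t key[4])
{
    memset(m, 0, sizeof *m);
    m->nvm1_program = fn;
    memcpy(m->nvm1_key, key, 4);
}

static void ctrl_halt(mcu_t *m) { m->cpu_halted = 1; } /* S240 */

/* S250-S260: controller copies one encrypted chunk into SRAM. The page puts
 * this after the halt; the model enforces that ordering as a precondition. */
static int ctrl_load_sram(mcu_t *m, const uint8_t *enc, size_t n)
{
    if (!m->cpu_halted || n > SRAM_SIZE)
        return -1;
    memcpy(m->sram, enc, n);
    m->sram_len = n;
    return 0;
}

/* S270-S280: controller restarts the processor, which runs the program from
 * NVM1 over the SRAM chunk and writes the plaintext straight into NVM2. */
static int cpu_resume_and_program(mcu_t *m)
{
    if (m->nvm1_program == NULL || m->nvm2_len + m->sram_len > NVM2_SIZE)
        return -1;
    m->cpu_halted = 0;
    m->nvm1_program(m->sram, m->nvm2 + m->nvm2_len, m->sram_len,
                    m->nvm1_key, m->nvm2_len);
    m->nvm2_len += m->sram_len;
    return 0;
}

/* Programming device 300: encrypts chunk by chunk and drives S240-S290 until
 * no data is left. Returns bytes programmed, or -1 on a protocol error. */
static long programmer_send(mcu_t *m, const uint8_t *image, size_t len,
                            const uint8_t key[4])
{
    uint8_t enc[SRAM_SIZE];
    for (size_t off = 0; off < len; off += SRAM_SIZE) { /* S290 loop */
        size_t n = len - off < SRAM_SIZE ? len - off : SRAM_SIZE;
        xor_stream(image + off, enc, n, key, off);
        ctrl_halt(m);
        if (ctrl_load_sram(m, enc, n) != 0 || cpu_resume_and_program(m) != 0)
            return -1;
    }
    return (long)m->nvm2_len;
}

/* Constructed 40-byte sample image; returns 1 when NVM2 ends up holding it. */
static int demo(void)
{
    static const uint8_t key[4] = {0xA5, 0x3C, 0x5A, 0xC3};
    static const uint8_t image[40] = "constructed sample firmware image v0.1";
    mcu_t m;
    ctrl_store_program(&m, xor_stream, key);
    return programmer_send(&m, image, sizeof image, key) == 40 &&
           memcmp(m.nvm2, image, sizeof image) == 0;
}

int main(void) { return demo() ? 0 : 1; }
```

In this model only ciphertext crosses the interface and sits in SRAM; plaintext appears only in the second non-volatile memory, which is the property the flow is designed to give.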

According to the microcontroller decryption method proposed in the embodiments of the invention, the microcontroller can decrypt internally the encrypted data to be programmed into it, using the decryption program stored in advance in its first non-volatile memory. The method therefore avoids the situation in which a microcontroller, because of its own hardware limitations, cannot decrypt internally the encrypted data to be programmed into it.

Ordinal terms such as "first" and "second" in this specification and in the claims are used only for convenience of description and do not imply any order among the elements.

The steps of the methods and algorithms disclosed in this specification may be embodied directly in hardware, in a software module executed by a processor, or in a combination of the two. A software module (including executable instructions and related data) and other data may be stored in data memory such as random access memory (RAM), flash memory, read-only memory (ROM), erasable programmable read-only memory (EPROM), electrically erasable programmable read-only memory (EEPROM), registers, a hard disk, a removable disk, a compact disc read-only memory (CD-ROM), a DVD, or any other computer-readable storage medium format known in the art. A storage medium may be coupled to a machine such as a computer/processor (referred to as a processor in this specification for convenience), so that the processor can read information (such as program code) and write information to the storage medium. A storage medium may be integrated with a processor. An application-specific integrated circuit (ASIC) includes the processor and the storage medium. User equipment includes an ASIC. In other words, the processor and the storage medium are included in the user equipment without being directly connected to it. In addition, in some embodiments, any suitable computer program product includes a readable storage medium, where the readable storage medium includes program code related to one or more of the disclosed embodiments. In some embodiments, the computer program product may include packaging materials.

The above paragraphs describe various aspects. Clearly, the teachings herein can be implemented in many ways, and any specific architecture or function disclosed in the examples is merely representative. Based on the teachings herein, anyone skilled in the art should understand that each aspect disclosed herein may be implemented independently, or that two or more aspects may be implemented in combination.

Although the disclosure has been described above by way of embodiments, these are not intended to limit the disclosure. Anyone skilled in the art may make minor changes and refinements without departing from the spirit and scope of the disclosure, so the scope of protection of the invention is defined by the appended claims.

100: microcontroller
110: controller
120: first non-volatile memory
130: second non-volatile memory
140: volatile memory
150: processor
200: communication interface
300: programming device
S210~S290: steps

FIG. 1 is a block diagram of a decryption system according to an embodiment of the invention. FIG. 2 is a flowchart of a microcontroller decryption method according to an embodiment of the invention.

Claims (10)

1. A microcontroller, comprising: a controller that obtains a decryption program and encrypted data from a programming device through a communication interface; a first non-volatile memory, coupled to the controller, that stores the decryption program; a volatile memory, coupled to the controller, that stores the encrypted data; a second non-volatile memory that stores decrypted data; and a processor, coupled to the first non-volatile memory, the second non-volatile memory and the volatile memory, that decrypts the encrypted data according to the decryption program to generate the decrypted data.

2. The microcontroller of claim 1, wherein the communication interface is a serial debug interface.

3. The microcontroller of claim 1, wherein the microcontroller is started via the first non-volatile memory.

4. The microcontroller of claim 1, wherein the controller halts the processor before the controller stores the obtained encrypted data in the volatile memory.

5. The microcontroller of claim 4, wherein the controller starts the processor after the encrypted data has been stored in the volatile memory, and wherein, after the processor has started, the processor obtains the decryption program from the first non-volatile memory and the encrypted data from the volatile memory, decrypts the encrypted data according to the decryption program to generate the decrypted data, and stores the decrypted data in the second non-volatile memory.

6. A microcontroller decryption method, applicable to a microcontroller, comprising: obtaining a decryption program from a programming device through a communication interface; storing the decryption program in a first non-volatile memory of the microcontroller; obtaining encrypted data from the programming device through the communication interface; storing the encrypted data in a volatile memory of the microcontroller; decrypting the encrypted data according to the decryption program, by a processor of the microcontroller, to generate decrypted data; and storing the decrypted data in a second non-volatile memory of the microcontroller.

7. The microcontroller decryption method of claim 6, further comprising: starting the microcontroller via the first non-volatile memory.

8. The microcontroller decryption method of claim 6, further comprising: halting the processor before storing the obtained encrypted data in the volatile memory.

9. The microcontroller decryption method of claim 8, further comprising: starting the processor after the encrypted data has been stored in the volatile memory; obtaining, by the processor, the decryption program from the first non-volatile memory and the encrypted data from the volatile memory; decrypting the encrypted data according to the decryption program to generate the decrypted data; and storing the decrypted data in the second non-volatile memory.

10. A decryption system, comprising: a programming device; and a microcontroller, wherein the microcontroller comprises: a controller that obtains a decryption program and encrypted data from a programming device through a communication interface; a first non-volatile memory, coupled to the controller, that stores the decryption program; a volatile memory, coupled to the controller, that stores the encrypted data; a second non-volatile memory that stores decrypted data; and a processor, coupled to the first non-volatile memory, the second non-volatile memory and the volatile memory, that decrypts the encrypted data according to the decryption program to generate the decrypted data.
TW107147571A 2018-12-28 2018-12-28 Microcontroller, decryption method for microcontroller and decryption system TWI691896B (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
TW107147571A TWI691896B (en) 2018-12-28 2018-12-28 Microcontroller, decryption method for microcontroller and decryption system
CN201911364351.XA CN111382426A (en) 2018-12-28 2019-12-26 Microcontroller, decryption method and decryption system thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
TW107147571A TWI691896B (en) 2018-12-28 2018-12-28 Microcontroller, decryption method for microcontroller and decryption system

Publications (2)

Publication Number Publication Date
TWI691896B true TWI691896B (en) 2020-04-21
TW202026866A TW202026866A (en) 2020-07-16

Family

ID=71134504

Family Applications (1)

Application Number Title Priority Date Filing Date
TW107147571A TWI691896B (en) 2018-12-28 2018-12-28 Microcontroller, decryption method for microcontroller and decryption system

Country Status (2)

Country Link
CN (1) CN111382426A (en)
TW (1) TWI691896B (en)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
TW200822068A (en) * 2006-09-19 2008-05-16 Mediatek Inc Methods and apparatuses for securing firmware image distribution and obtaining firmware image from encrypted data
US20090052661A1 (en) * 2004-08-09 2009-02-26 Comcast Cable Holdings, Llc Reduced hierarchy key management system and method
CN204155310U (en) * 2014-07-06 2015-02-11 山东天海科技股份有限公司 Big Dipper car networking logistics information service platform
CN104486355A (en) * 2014-12-30 2015-04-01 大连楼兰科技股份有限公司 Method and device for preventing malicious manipulation of codes
TW201717003A (en) * 2015-11-12 2017-05-16 英特爾公司 Hybrid SM3 and SHA acceleration processors

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN1154042C (en) * 2000-09-26 2004-06-16 世纪民生科技股份有限公司 Method for updating program code used for embedded microcontrol unit
US20090199014A1 (en) * 2008-02-04 2009-08-06 Honeywell International Inc. System and method for securing and executing a flash routine
CN102981428B (en) * 2012-10-29 2014-12-31 天津大学 Microcontroller order protection structure based on security application and encryption and decryption method thereof
CN105335660B (en) * 2014-07-30 2019-02-19 无锡华润矽科微电子有限公司 The method for realizing the encryption of MCU circuit based on non-volatility memorizer

Also Published As

Publication number Publication date
TW202026866A (en) 2020-07-16
CN111382426A (en) 2020-07-07
