WO2017000237A1 - Procédé de mise à jour d'algorithme, dispositif devant être mis à jour, et serveur - Google Patents

Procédé de mise à jour d'algorithme, dispositif devant être mis à jour, et serveur Download PDF

Info

Publication number
WO2017000237A1
WO2017000237A1 PCT/CN2015/082860 CN2015082860W WO2017000237A1 WO 2017000237 A1 WO2017000237 A1 WO 2017000237A1 CN 2015082860 W CN2015082860 W CN 2015082860W WO 2017000237 A1 WO2017000237 A1 WO 2017000237A1
Authority
WO
WIPO (PCT)
Prior art keywords
cryptographic algorithm
updated
server
algorithm
update
Prior art date
Application number
PCT/CN2015/082860
Other languages
English (en)
Chinese (zh)
Inventor
黄征
郝勇钢
龙宇
来学嘉
陈璟
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Priority to CN201580027214.0A priority Critical patent/CN107925565B/zh
Priority to PCT/CN2015/082860 priority patent/WO2017000237A1/fr
Publication of WO2017000237A1 publication Critical patent/WO2017000237A1/fr

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols

Definitions

  • the present invention relates to the field of communications, and in particular, to an algorithm update method, a device to be updated, and a server.
  • the cryptographic algorithm is the basis for protecting the security of mobile terminals. Once the cryptographic algorithm implemented by the device is found to have security vulnerabilities or may be maliciously attacked, it is difficult for manufacturers to perform large-scale cryptographic algorithm update operations in a short time based on traditional methods. Therefore, research on remote trusted update technologies for mobile terminals is of great significance. And use value.
  • the server sends an update signal to notify the mobile terminal to update
  • the mobile terminal detects the update signal, and determines a secure link parameter by negotiating with the server, thereby establishing a secure link
  • the server sends the update package to the mobile terminal through the secure link, and moves.
  • the terminal updates according to the update package to complete the update process.
  • the cryptographic algorithm used in establishing the secure link is determined by the mobile terminal and the server, and it is possible that the negotiated cryptographic algorithm determined by the mobile terminal and the server is lacking in security.
  • These cryptographic algorithms may have proven to be insecure, and are cryptographic algorithms that are required to be disabled in the update package. The use of these cryptographic algorithms to establish secure links is likely to cause malicious attacks such as eavesdropping, man-in-the-middle attacks, and spoofing attacks. Security.
  • the embodiment of the invention provides an algorithm update method, a device to be updated, and a server, which are used to avoid malicious attacks and improve system security.
  • the first aspect of the present invention provides an algorithm updating method, including:
  • An update signal sent by the device detection server to be updated is used to indicate that the system has an update package, and the update package is used to indicate that the device to be updated disables the target cryptographic algorithm;
  • the device to be updated sends a secure link request to the server
  • the device to be updated establishes a secure link with the server by using a first cryptographic algorithm specified by the server, and the first cryptographic algorithm does not include the target cryptographic algorithm;
  • the device to be updated is updated according to the update package.
  • the update packet carries a second cryptographic algorithm, where the second cryptographic algorithm is used to indicate that the device to be updated verifies the use of the update package.
  • a cryptographic algorithm the second cryptographic algorithm not including the target cryptographic algorithm;
  • the updating of the device to be updated according to the update package includes:
  • the device to be updated uses the second cryptographic algorithm to verify the update package
  • the device to be updated disables the target cryptographic algorithm according to the update package.
  • the device to be updated detects the update signal sent by the server, and includes:
  • the device to be updated establishes an algorithm usage table, where the algorithm usage table is used to indicate a cryptographic algorithm that can be used by the device to be updated and a cipher algorithm that is prohibited from being used;
  • the device to be updated, according to the update package, disabling the target password algorithm includes:
  • the device to be updated identifies the target cryptographic algorithm as the cipher algorithm forbidden in the algorithm usage table.
  • the device to be updated passes the first cryptographic algorithm specified by the server Establishing a secure link with the server includes:
  • the device to be updated checks the public key, and if the test passes, generates a symmetric key
  • the device to be updated uses the public key to encrypt the symmetric key
  • the device to be updated sends an encrypted symmetric key to the server, the symmetric key is used by the server to encrypt data sent to the device to be updated, and the device to be updated decrypts the sent by the server. data.
  • the device to be updated includes a mobile terminal or a base station.
  • a second aspect of the present invention provides an algorithm update method, including:
  • the server sends an update signal, where the update signal is used to indicate that the device to be updated disables the target cryptographic algorithm
  • the server specifies a first cryptographic algorithm corresponding to the secure link request, and the first secret
  • the code algorithm notifies the device to be updated, and the first cryptographic algorithm does not include the target cryptographic algorithm
  • the server establishes a secure link with the device to be updated by using the first cryptographic algorithm
  • the server sends the update package to the device to be updated through the secure link.
  • the update packet carries a second cryptographic algorithm, where the second cryptographic algorithm is used to indicate that the device to be updated verifies the use of the update package.
  • a cryptographic algorithm the second cryptographic algorithm not including the target cryptographic algorithm.
  • the server specifies that the first cryptographic algorithm corresponding to the secure link request includes:
  • the server determines other cryptographic algorithms in the set of cryptographic algorithms other than the target cryptographic algorithm, and selects the first cryptographic algorithm from the other cryptographic algorithms.
  • a third aspect of the present invention provides a device to be updated, including:
  • a detection module configured to detect an update signal sent by the server, where the update signal is used to indicate that the system has an update package, where the update package is used to indicate that the device to be updated disables the target cryptographic algorithm;
  • a sending module configured to send a secure link request to the server
  • a first establishing module configured to establish a secure link with the server by using a first cryptographic algorithm specified by the server, where the first cryptographic algorithm does not include the target cryptographic algorithm;
  • a receiving module configured to receive, by using the secure link established by the first establishing module, the update package sent by the server;
  • an update module configured to update according to the update package received by the receiving module.
  • the update packet carries a second cryptographic algorithm, where the second cryptographic algorithm is used to indicate that the device to be updated verifies the use of the update package.
  • a cryptographic algorithm the second cryptographic algorithm not including the target cryptographic algorithm;
  • the update module includes:
  • a verification unit configured to verify the update package by using the second cryptographic algorithm
  • a disabling unit configured to, when the verification unit determines that the update package is verified, according to the The new package disables the target cryptographic algorithm.
  • the device to be updated further includes:
  • a second establishing module configured to establish an algorithm usage table, where the algorithm uses a table to indicate a cryptographic algorithm that can be used by the device to be updated and a cipher algorithm that is prohibited from being used;
  • the disabling unit includes:
  • An identifier subunit configured to identify the target cryptographic algorithm as the banned cryptographic algorithm in the algorithm usage table.
  • the first establishing module includes:
  • a receiving unit configured to receive a public key corresponding to the first cryptographic algorithm sent by the server
  • a verification unit configured to check the public key received by the receiving unit
  • a generating unit configured to generate a symmetric key when the checking unit determines that the public key passes the verification
  • An encryption unit configured to encrypt the symmetric key by using the public key
  • a sending unit configured to send, to the server, an encrypted symmetric key, where the symmetric key is used by the server to encrypt data sent to the to-be-updated device, and the to-be-updated device decrypts the sent by the server data.
  • the device to be updated includes a mobile terminal or a base station.
  • a fourth aspect of the present invention provides a server, including:
  • a first sending module configured to send an update signal, where the update signal is used to indicate that the device to be updated disables the target cryptographic algorithm
  • a receiving module configured to receive a secure link request sent by the device to be updated
  • a specifying module configured to specify a first cryptographic algorithm corresponding to the secure link request, and notify the first cryptographic algorithm of the device to be updated, where the first cryptographic algorithm does not include the target cryptographic algorithm
  • Establishing a module configured to establish a secure link with the device to be updated by using the first cryptographic algorithm specified by the specified module
  • a second sending module configured to send the update package to the device to be updated by using the secure link established by the establishing module.
  • the specifying module includes:
  • a determining unit configured to determine, according to the secure link request, a set of cryptographic algorithms in the device to be updated, where the cryptographic algorithm set includes at least two cryptographic algorithms;
  • a determining unit configured to determine whether the target cryptographic algorithm is included in the cryptographic algorithm set determined by the determining unit
  • a selecting unit configured to: when the determining unit determines that the target cryptographic algorithm is included in the cryptographic algorithm set, determine another cryptographic algorithm other than the target cryptographic algorithm in the cryptographic algorithm set, and from the other cryptographic algorithm The first cryptographic algorithm is selected in the algorithm.
  • a fifth aspect of the present invention provides a device to be updated, including: a processor and a memory;
  • the processor is configured to perform the following processes:
  • the update signal is used to indicate that the system has an update package, and the update package is used to indicate that the device to be updated disables the target cryptographic algorithm;
  • the update packet carries a second cryptographic algorithm, where the second cryptographic algorithm is used to indicate that the device to be updated verifies the use of the update package.
  • a cryptographic algorithm the second cryptographic algorithm not including the target cryptographic algorithm;
  • the processor specifically performs the following processes:
  • the update package is verified using the second cryptographic algorithm, and if the verification is passed, the target cryptographic algorithm is disabled according to the update package.
  • the processor further performs the following process:
  • the algorithm usage table is used to indicate a cryptographic algorithm that can be used by the device to be updated, and a cipher algorithm that is prohibited from being used;
  • the processor specifically performs the following process:
  • the symmetric key is used by the server to encrypt data sent to the device to be updated, and the device to be updated decrypts data sent by the server.
  • the device to be updated includes a mobile terminal or a base station.
  • a sixth aspect of the present invention provides a server, including: a central processing unit and a storage medium;
  • the central processor performs the following processes:
  • the update signal is used to indicate that the device to be updated disables the target cryptographic algorithm
  • the update package is sent to the device to be updated through the secure link.
  • the central processing unit specifically performs the following processes:
  • the first cryptographic algorithm specified by the server establishes a secure link with the server, and receives the update package sent by the server, and updates according to the update package, the first cryptographic algorithm does not Contains the target cryptographic algorithm that the update package requires to be disabled. That is, In this solution, the server can specify the cryptographic algorithm used by the secure link, and it is forbidden to use the lower version of the insecure algorithm to avoid malicious attacks, thereby improving the security of the system.
  • FIG. 1 is a schematic diagram of an embodiment of an algorithm update method in an embodiment of the present invention.
  • FIG. 2 is a schematic diagram of another embodiment of an algorithm updating method in an embodiment of the present invention.
  • FIG. 3 is a schematic diagram of another embodiment of an algorithm updating method in an embodiment of the present invention.
  • FIG. 4 is a schematic diagram of another embodiment of an algorithm updating method according to an embodiment of the present invention.
  • FIG. 5 is a schematic diagram of an embodiment of a device to be updated in an embodiment of the present invention.
  • FIG. 6 is a schematic diagram of another embodiment of an apparatus to be updated in an embodiment of the present invention.
  • FIG. 7 is a schematic diagram of an embodiment of a server in an embodiment of the present invention.
  • FIG. 8 is a schematic diagram of another embodiment of a server in an embodiment of the present invention.
  • FIG. 9 is a schematic diagram of another embodiment of an apparatus to be updated in an embodiment of the present invention.
  • FIG. 10 is a schematic diagram of another embodiment of a server in an embodiment of the present invention.
  • One embodiment of the algorithm updating method in the embodiment of the present invention includes:
  • the server determines that the target cryptographic algorithm in the system is unsecure, or if the target cryptographic algorithm needs to be disabled for other reasons, the server sends an update signal, and the device to be updated can detect the utterance sent by the server through the background update detection program. And an update signal, the update signal is used to indicate that the device to be updated has a new upgrade package available, and the update package is used to indicate that the device to be updated disables the target password algorithm.
  • the cryptographic algorithm is implemented by the software part of the physical chip of the device.
  • the device can also invoke the hardware module to accelerate the implementation of related operations.
  • the target cryptographic algorithm may be a cryptographic algorithm that is partially disabled by the software, or a cryptographic algorithm that is disabled by the hardware module.
  • the device to be updated sends a secure link request to the server.
  • the device to be updated After the device to be updated detects the update signal sent by the server, the device sends a secure link request to the server, where the secure link request includes device information of the device to be updated, and the device information includes a set of cryptographic algorithms supported by the device to be updated.
  • the cryptographic algorithm set contains at least two cryptographic algorithms.
  • the cryptographic algorithm set may be a cryptographic algorithm set supported by the hardware module in the device, or may be a cryptographic algorithm set supported by the software part of the physical chip of the device, or a combination of the two, which is not limited herein. .
  • the device to be updated establishes a secure link with the server by using a first cryptographic algorithm specified by the server;
  • the server After receiving the secure link request sent by the device to be updated, the server specifies a cryptographic algorithm used to establish a secure link, and the cryptographic algorithm is a first cryptographic algorithm, and the first cryptographic algorithm is notified to the device to be updated, and the device to be updated uses the server to specify The first cryptographic algorithm establishes a secure link with the server. It should be noted that the first cryptographic algorithm does not include a target cryptographic algorithm that needs to be disabled.
  • the device to be updated receives the update package sent by the server by using the secure link.
  • the server determines an update package corresponding to the device to be updated, and sends the update package to the server through the secure link, and the device to be updated passes the secure link. Receive the update package sent by the server.
  • the device to be updated is updated according to the update package.
  • the device to be updated After the device to be updated receives the update packet sent by the server, it updates according to the update package.
  • the first cryptographic algorithm specified by the server establishes a secure link with the server, and receives the update package sent by the server, and updates according to the update package, the first cryptographic algorithm does not Contains the target cryptographic algorithm that the update package requires to be disabled. That is to say, in this solution, the server can specify a cryptographic algorithm used by the secure link, prohibiting the use of a lower version of the insecure algorithm, thereby avoiding malicious attacks, thereby improving the security of the system.
  • FIG. 2 another embodiment of the algorithm update method in the embodiment of the present invention includes:
  • the device to be updated may be a mobile terminal, and may be a base station, or may be another device based on an ARM architecture, which is not limited herein.
  • the server determines that the target cryptographic algorithm in the system is unsecure, or if the target cryptographic algorithm needs to be disabled for other reasons, the server sends an update signal, and the device to be updated can detect the utterance sent by the server through the background update detection program. And an update signal, the update signal is used to indicate that the device to be updated has a new update package, and the update package is used to indicate that the device to be updated disables the target password algorithm.
  • the cryptographic algorithm is implemented by the software part of the physical chip of the device.
  • the device can also invoke the hardware module to accelerate the implementation of related operations.
  • the target cryptographic algorithm may be a cryptographic algorithm that is partially disabled by the software, or a cryptographic algorithm that is disabled by the hardware module.
  • the device to be updated sends a secure link request to the server.
  • the device to be updated After the device to be updated detects the update signal sent by the server, the device sends a secure link request to the server, where the secure link request includes device information of the device to be updated, and the device information includes a set of cryptographic algorithms supported by the device to be updated.
  • the cryptographic algorithm set contains at least two cryptographic algorithms.
  • the device information may further include information such as a communication protocol version supported by the device to be updated, a compressed version supported by the device to be updated, and the like. Other information may also be included, which is not limited herein.
  • the cryptographic algorithm set may be a cryptographic algorithm set supported by the hardware module in the device.
  • the combination of the cryptographic algorithms supported by the software part of the physical chip of the device may also be a combination of the two, which is not limited herein.
  • the device to be updated establishes a secure link with the server by using a first cryptographic algorithm specified by the server.
  • the server After receiving the secure link request sent by the device to be updated, the server specifies a cryptographic algorithm used to establish a secure link, and the cryptographic algorithm is a first cryptographic algorithm, and the first cryptographic algorithm is notified to the device to be updated, and the device to be updated uses the server to specify The first cryptographic algorithm establishes a secure link with the server. It should be noted that the first cryptographic algorithm does not include a target cryptographic algorithm that needs to be disabled.
  • the device to be updated may establish a secure link with the server according to the HTTPS protocol. Specifically, after receiving the secure link request sent by the device to be updated, the server determines the version of the encrypted communication protocol used for communication with the device to be updated according to the device information in the secure link. After determining the encryption algorithm used by the communication, the information is notified to the device to be updated, and the server certificate is sent to the update device.
  • the server certificate contains information such as a public key, and the device to be updated receives the public key, and checks whether the public key is valid.
  • the device to be updated determines that the public key is valid, generates a random value, and then uses the public key to encrypt the random value, and sends the random value to the server, and the server uses The private key corresponding to the public key is decrypted to obtain the random value, and the random value is a symmetric key, where the symmetric key is used by the server to encrypt data sent to the device to be updated, and is also used for the device to be updated to decrypt the data sent by the server. .
  • the device to be updated and the server complete the establishment of the secure link, and then the information transmitted between the two parties is encrypted by using the first cryptographic algorithm and the symmetric key.
  • the device to be updated may also establish a secure link by other means, which is not limited herein.
  • the device to be updated receives the update package sent by the server by using the secure link.
  • the server determines an update package corresponding to the device to be updated, and sends the update package to the server through the secure link, and the device to be updated receives the update package sent by the server through the secure link.
  • the update packet may carry a second cryptographic algorithm, where the second cryptographic algorithm is used to indicate that the device to be updated verifies the cryptographic algorithm used by the update packet, and the second cryptographic algorithm does not include the target cryptographic algorithm.
  • the device to be updated uses the second cryptographic algorithm to verify the update package, if the verification is passed, step 206 is performed, if the verification fails, step 207 is performed;
  • the device to be updated uses the second cryptographic algorithm according to the indication on the update package.
  • the verification package is verified to verify whether the update package has a legal signature from the operator or the device vendor. If the signature is legal, the verification is passed. If the device is to be updated, step 206 is performed. If the signature is invalid, the verification fails, and the verification is not completed. The device performs step 207.
  • the device to be updated disables the target password algorithm according to the update package.
  • the device to be updated determines that the update package passes the verification, the device to be updated disables the target cryptographic algorithm according to the update package.
  • the device to be updated performs other processes.
  • the update may be prompted to be reset, and may be reset to the factory state, and other processes may be performed, which are not limited herein.
  • the first cryptographic algorithm specified by the server establishes a secure link with the server, and receives the update package sent by the server, and updates according to the update package, the first cryptographic algorithm does not Contains the target cryptographic algorithm that the update package requires to be disabled. That is to say, in this solution, the server can specify a cryptographic algorithm used by the secure link, prohibiting the use of a lower version of the insecure algorithm, thereby avoiding malicious attacks, thereby improving the security of the system.
  • the update packet carries the second cryptographic algorithm, so that the device to be updated can use the second cryptographic algorithm to verify the update package, and then complete the update according to the verification result, and the second cryptographic algorithm does not include the update package requirement.
  • Disabled target cryptographic algorithm That is to say, the device to be updated in the solution prohibits the use of an insecure algorithm to verify the update package, thereby further improving the security of the system.
  • the device to be updated may further establish an algorithm usage table, and the algorithm uses the table.
  • a cryptographic algorithm used to indicate that the device to be updated can be used and a cryptographic algorithm that is prohibited from being used.
  • the algorithm usage table may be refreshed according to the update package.
  • the device to be updated receives the update packet sent by the server, and after the verification packet is verified, the target password algorithm is identified in the algorithm usage table as a password algorithm that is prohibited from being used.
  • the device to be updated may use a flag position "1" to indicate a cryptographic algorithm that can be used, and a "0" to indicate a cipher algorithm that is prohibited from being used.
  • the cryptographic algorithm indicated in the cryptographic algorithm using the table may be a cryptographic algorithm in the software part of the chip or a cryptographic algorithm in the hardware module of the device.
  • the table is used for the cryptographic algorithm of the hardware module, if the hardware module is Some units of cryptographic algorithms are now proven to have security problems, and the operating system can also identify these unit-specific cryptographic algorithms as banned cryptographic algorithms.
  • the cryptographic algorithm usage table of the software part if the update package includes a new cryptographic algorithm in the software part, the device to be updated may add the cryptographic algorithm to the algorithm usage table according to the update package, and identify the cryptographic algorithm as available. .
  • the device to be updated may establish and maintain an algorithm usage table, where the algorithm usage table may indicate a cryptographic algorithm that can be used by the device to be updated and a cipher algorithm that is prohibited from being used, thereby improving the flexibility of the solution.
  • the algorithm update method in the embodiment of the present invention is introduced from the perspective of the device to be updated.
  • the algorithm update method in the embodiment of the present invention is introduced from the perspective of the server.
  • Another embodiment of the algorithm update method in the embodiment of the present invention includes:
  • the server sends an update signal.
  • the server sends an update signal indicating that the device to be updated is available by the new update package, and the update package is used.
  • the target password algorithm is disabled for indicating that the device to be updated.
  • the cryptographic algorithm is implemented by the software part of the physical chip of the device.
  • the device can also invoke the hardware module to accelerate the implementation of related operations.
  • the target cryptographic algorithm may be a cryptographic algorithm that is disabled by the software part of the device, or a cryptographic algorithm that is disabled by the hardware module of the device.
  • the device to be updated may be a mobile terminal, and may be a base station or other device based on the ARM architecture, which is not limited herein.
  • the server receives a secure link request sent by the device to be updated.
  • the device to be updated After the server sends an update signal, the device to be updated detects the update signal and sends a secure link request to the server.
  • the server specifies a first cryptographic algorithm corresponding to the secure link request, and notifies the first cryptographic algorithm to the device to be updated.
  • the server After receiving the secure link request, the server determines the first cryptographic algorithm according to the secure link request, and notifies the first cryptographic algorithm to the device to be updated, the first cryptographic algorithm does not include the target cryptographic algorithm.
  • the server establishes a secure link with the device to be updated by using a first cryptographic algorithm.
  • the server After the server determines and informs the device to update the first cryptographic algorithm, the server establishes a secure link with the device to be updated by using the first cryptographic algorithm.
  • the server sends the update package to the device to be updated through the secure link.
  • the update package is sent to the device to be updated through the secure link.
  • the server when the server decides to disable the target cryptographic algorithm in the device to be updated, the server sends an update signal.
  • the server receives the secure link request of the device to be updated, the server specifies a first cryptographic algorithm, and uses the cryptographic algorithm to be updated.
  • the device establishes a secure link and sends an update package through the secure link, so that the device to be updated is updated according to the update package, and the first cryptographic algorithm does not include a target cryptographic algorithm that the update package requires to be disabled. That is to say, in this solution, the server can specify a cryptographic algorithm used by the secure link, prohibiting the use of a lower version of the insecure algorithm, thereby avoiding malicious attacks, thereby improving the security of the system.
  • Another embodiment of the algorithm update method in the embodiment of the present invention includes:
  • the server sends an update signal.
  • the server sends an update signal indicating that the device to be updated is available by the new update package, and the update package is used.
  • the target password algorithm is disabled for indicating that the device to be updated.
  • the cryptographic algorithm is implemented by the software part of the physical chip of the device.
  • the device can also invoke the hardware module to accelerate the implementation of related operations.
  • the target cryptographic algorithm may be a cryptographic algorithm that is disabled by the software part of the device, or a cryptographic algorithm that is disabled by the hardware module of the device.
  • the device to be updated may be a mobile terminal, and may be a base station or other device based on the ARM architecture, which is not limited herein.
  • the server receives a secure link request sent by the device to be updated.
  • the device to be updated After the server sends an update signal, the device to be updated detects the update signal and sends a secure link request to the server.
  • the server determines, according to the secure link request, a set of cryptographic algorithms in the device to be updated.
  • the server parses the secure link request to obtain device information of the device to be updated, and the device information includes the supported cryptographic algorithm set, and the cryptographic algorithm set includes at least two cryptographic algorithms.
  • the device information may further include information such as a communication protocol version supported by the device to be updated, a compressed version supported by the device to be updated, and the like. It can also include other information, which is not limited here. set.
  • the cryptographic algorithm set may be a cryptographic algorithm set supported by the hardware module in the device, or may be a cryptographic algorithm set supported by the software part of the physical chip of the device, which is not limited herein.
  • the server determines whether the cryptographic algorithm set contains the target cryptographic algorithm, and if so, step 405 is performed, and if not, step 409 is performed;
  • the server determines whether the cryptographic algorithm set includes a target cryptographic algorithm that needs to be disabled. If yes, step 405 is performed, and if no, step 409 is performed.
  • the server determines another cryptographic algorithm other than the target cryptographic algorithm in the cryptographic algorithm set, and selects the first cryptographic algorithm from other cryptographic algorithms;
  • the server determines other cryptographic algorithms other than the target cryptographic algorithm in the cryptographic algorithm set, and selects the first cryptographic algorithm from other cryptographic algorithms to establish as the device to be updated.
  • the cryptographic algorithm used by secure links are not limited to
  • the server notifies the first cryptographic algorithm to the device to be updated.
  • the server determines the first cryptographic algorithm
  • the first cryptographic algorithm is notified to the device to be updated.
  • the server establishes a secure link with the device to be updated by using a first cryptographic algorithm.
  • the server After the server notifies the device to be updated by the first cryptographic algorithm, the first cryptographic algorithm is used to establish a secure link with the device to be updated.
  • the server may establish a secure link with the device to be updated according to the HTTPS protocol.
  • the server needs to determine the encryption algorithm used in communication with the device to be updated, that is, the first cryptographic algorithm. Updating the version of the encrypted communication protocol used by the device communication, and surely, notifying the device to be updated, and sending a server certificate to the update device, the server certificate containing information such as a public key, and generating a message when the device to be updated determines that the public key is valid.
  • the server to the device to be updated is also used for decrypting the data sent by the server.
  • the device to be updated and the server complete the establishment of the secure link, and then the information transmitted between the two parties is encrypted by using the first cryptographic algorithm and the symmetric key.
  • the server and the device to be updated can also establish a secure link by other means, which is not limited here. set.
  • the server sends an update package to the to-be-updated device by using the secure link.
  • the update package is sent to the device to be updated through the secure link.
  • the update package may carry a second cryptographic algorithm, so that the device to be updated can check the update package according to the second cryptographic algorithm, and complete the update according to the check result.
  • the second cryptographic algorithm does not include the target cryptographic algorithm.
  • the server executes other processes.
  • the server determines that the target cryptographic algorithm does not exist in the cryptographic algorithm set, the server performs other processes.
  • the server when the server decides to disable the target cryptographic algorithm in the device to be updated, the server sends an update signal.
  • the server receives the secure link request of the device to be updated, the server specifies a first cryptographic algorithm, and uses the cryptographic algorithm to be updated.
  • the device establishes a secure link and sends an update package through the secure link, so that the device to be updated is updated according to the update package, and the first cryptographic algorithm does not include a target cryptographic algorithm that the update package requires to be disabled. That is to say, in this solution, the server can specify a cryptographic algorithm used by the secure link, prohibiting the use of a lower version of the insecure algorithm, thereby avoiding malicious attacks, thereby improving the security of the system.
  • the update package may carry the second cryptographic algorithm, so that the device to be updated can use the second cryptographic algorithm to verify the update package, and complete the update according to the verification result, where the second cryptographic algorithm does not include the target password. algorithm. That is to say, the device to be updated does not use an insecure cryptographic algorithm in the process of verifying the update package, which further improves the security of the system.
  • Mobile phone A can implement DES algorithm, AES algorithm and 3DES algorithm, and all three algorithms can call the acceleration implementation in the mobile phone.
  • Mobile phone A adds an algorithm usage table in the operating system, and the algorithm uses a table to indicate that the hardware module can
  • the cryptographic algorithm used and the banned cryptographic algorithm are shown in Table 1, where "0" means unavailable and "1" means available.
  • the operator of mobile phone A finds that the DES algorithm will be attacked by the attacker in the process of using the hardware module, and the operator server notifies the generated mobile phone to disable the DES algorithm on the hardware module, and the operator server sends an update signal.
  • the update signal is used to indicate that the handset of the operator's handset disables the target cryptographic algorithm on the hardware module, ie the DES algorithm.
  • the mobile phone A detects the update signal sent by the operator server through the background update detection program, and sends a secure link request to the server, where the secure link request includes information about the mobile phone, and the information is used to inform the server that the set of cryptographic algorithms supported by the mobile phone includes DES algorithm, AES algorithm and 3DES algorithm.
  • the server knows the information, it is determined that the cryptographic algorithm includes a DES algorithm that needs to be disabled, and other algorithms in the server cryptographic algorithm set select an encryption algorithm used by the secure link, that is, select from the AES algorithm and the 3DES algorithm, and the server selects AES.
  • the algorithm uses the encryption algorithm used as the secure link, that is, the first cryptographic algorithm, the server responds to the request of the mobile phone A, and informs the mobile phone A that the encryption algorithm used by the communication between the two parties is the AES algorithm, and sends the public key K of the operator server to the mobile phone A, the mobile phone.
  • A uses the SHA256 value of the storage operator's public key to verify the public key K sent by the operator's server.
  • the public key K passes the check, the mobile phone A generates a symmetric key S, and the mobile phone A encrypts the symmetric key S with the public key K.
  • the operator server decrypts the private key P corresponding to the public key K to obtain the symmetric key S, and the operator server and the mobile phone A complete The establishment of the HTTPS secure link, and then the carrier server finds the update package B corresponding to the mobile phone A.
  • the operator server encrypts the update package B by using the first cryptographic algorithm AES algorithm and the symmetric private key S, and sends the encrypted update package B to the mobile phone A, and the mobile phone A receives the update package, and uses the AES algorithm and the private key S.
  • the update packet B is decrypted, and the mobile phone A verifies the signature of the update packet B.
  • the signature of the update package is verified, and the mobile phone A disables the DES algorithm on the module according to the update package B, that is, the mobile phone A will no longer call the hardware module to accelerate the implementation of the DES algorithm, and the mobile phone A updates the algorithm usage table of the hardware module, and uses the algorithm.
  • the identifier of the DES algorithm in the table is an algorithm that is forbidden to use, that is, the status corresponding to the DES is identified as "0", as shown in Table 2.
  • an embodiment of the device to be updated in the embodiment of the present invention includes:
  • the detecting module 501 is configured to detect an update signal sent by the server, where the update signal is used to indicate that the system has an update package, where the update package is used to indicate that the device to be updated disables the target cryptographic algorithm;
  • a sending module 502 configured to send a secure link request to the server
  • a first establishing module 503 configured to establish a secure link with the server by using a first cryptographic algorithm specified by the server, where the first cryptographic algorithm does not include the target cryptographic algorithm;
  • the receiving module 504 is configured to receive, by using the secure link established by the first establishing module 503, an update package sent by the server;
  • the update module 505 is configured to update according to the update package received by the receiving module 504.
  • the sending module 502 sends a secure link request to the server
  • the first establishing module 503 establishes a secure link with the server by using the first cryptographic algorithm specified by the server
  • the receiving module 504 receives the server.
  • the update package 505 is updated according to the update package, and the first cryptographic algorithm does not include a target cryptographic algorithm that the update package requires to be disabled. That is to say, in this solution, the server can specify a cryptographic algorithm used by the secure link, prohibiting the use of a lower version of the insecure algorithm, thereby avoiding malicious attacks, thereby improving the security of the system.
  • FIG. 6 another embodiment of the device to be updated in the embodiment of the present invention includes:
  • the detecting module 601 is configured to detect an update signal sent by the server, where the update signal is used to indicate that the system has an update package, where the update package is used to indicate that the device to be updated disables the target cryptographic algorithm;
  • a sending module 602 configured to send a secure link request to the server
  • a first establishing module 603, configured to establish a secure link with the server by using a first cryptographic algorithm specified by the server, where the first cryptographic algorithm does not include the target cryptographic algorithm;
  • the receiving module 604 is configured to receive, by using the secure link established by the first establishing module 603, an update package sent by the server, where the update packet carries a second cryptographic algorithm, where the second cryptographic algorithm is used to indicate that the packet is to be updated.
  • the device verifies the cryptographic algorithm used by the update package, and the second cryptographic algorithm does not include the target cryptographic algorithm;
  • An update module 605, configured to update according to the update package received by the receiving module 604;
  • the update module 605 includes:
  • a verification unit 6051 configured to verify the update package by using a second cryptographic algorithm
  • the disabling unit 6052 is configured to disable the target cipher algorithm according to the update package when the verification unit 6051 determines that the update package is verified.
  • the first establishing module 603 may include:
  • the receiving unit 6031 is configured to receive a public key corresponding to the first cryptographic algorithm sent by the server;
  • the checking unit 6032 is configured to check the public key received by the receiving unit 6031;
  • a generating unit 6033 configured to generate a symmetric key when the verification unit determines that the public key passes the verification
  • An encryption unit 6034 configured to encrypt the symmetric key by using a public key
  • the sending unit 6035 is configured to send the encrypted symmetric key to the server, where the symmetric key is used by the server to encrypt data sent to the device to be updated, and the data sent by the device decryption server to be updated.
  • the device to be updated may further include:
  • a second establishing module 606 configured to establish an algorithm usage table, the algorithm uses a table to indicate a cryptographic algorithm that can be used by the device to be updated, and a cipher algorithm that is prohibited from being used;
  • the disabling unit 6052 includes:
  • the identifier sub-unit 60521 is configured to identify the target cryptographic algorithm as a cipher algorithm forbidden in the algorithm usage table.
  • the sending module 602 sends a secure link request to the server
  • the first establishing module 603 establishes a secure link with the server by using the first cryptographic algorithm specified by the server
  • the receiving module 604 receives the sending by the server.
  • the update package 605 is updated according to the update package, and the first cryptographic algorithm does not include a target cryptographic algorithm that the update package requires to be disabled. That is to say, in this solution, the server can specify a cryptographic algorithm used by the secure link, prohibiting the use of a lower version of the insecure algorithm, thereby avoiding malicious attacks, thereby improving the security of the system.
  • the update packet carries the second cipher algorithm
  • the verification unit 6051 in the update module 605 can verify the update package by using the second cipher algorithm, and then complete the update according to the verification result, and the second cipher algorithm does not Contains the target cryptographic algorithm that the update package requires to be disabled. That is to say, the device to be updated in this solution prohibits the use of an unsafe algorithm to verify the update package, further improving the system. Security.
  • the second establishing module 606 can establish an algorithm usage table, and the identifier sub-unit 60521 in the updating module 605 can update the algorithm usage table, and the algorithm usage table can indicate a password that can be used by the device to be updated.
  • Algorithms and banned cryptographic algorithms increase the flexibility of the solution.
  • the server determines that the target cryptographic algorithm in the system is unsecure, or if the target cryptographic algorithm needs to be disabled for other reasons, the server sends an update signal, and the detection module 601 can detect the utterance sent by the server through the background update detection program. And an update signal, the update signal is used to indicate that the device to be updated has a new update package, and the update package is used to indicate that the device to be updated disables the target password algorithm.
  • the cryptographic algorithm is implemented by the software part of the physical chip of the device.
  • the device can also invoke the hardware module to accelerate the implementation of related operations.
  • the target cryptographic algorithm may be a cryptographic algorithm that is partially disabled by the software, or a cryptographic algorithm that is disabled by the hardware module.
  • the sending module 602 sends a secure link request to the server, where the secure link request includes device information of the device to be updated, and the device information includes a cryptographic algorithm supported by the device to be updated.
  • the secure link request includes device information of the device to be updated, and the device information includes a cryptographic algorithm supported by the device to be updated.
  • the device information may further include information such as a communication protocol version supported by the device to be updated, a compressed version supported by the device to be updated, and the like. Other information may also be included, which is not limited herein.
  • the cryptographic algorithm set may be a cryptographic algorithm set supported by the hardware module in the device, or may be a cryptographic algorithm set supported by the software part of the physical chip of the device, or a combination of the two, which is not limited herein.
  • the server After receiving the secure link request sent by the device to be updated, the server specifies a cryptographic algorithm used by the secure link, and the cryptographic algorithm is the first cryptographic algorithm, and the first cryptographic algorithm is notified to the device to be updated, and the first establishing module 603 uses the cryptographic algorithm.
  • the first cryptographic algorithm specified by the server establishes a secure link with the server. It should be noted that the first cryptographic algorithm does not include a target cryptographic algorithm that needs to be disabled.
  • the device to be updated can establish a secure link with the server according to the HTTPS protocol, specifically, the service
  • the device determines the version of the encrypted communication protocol used for communication with the device to be updated according to the device information in the secure link, determines the encryption algorithm used by the communication, and then notifies the device to be updated.
  • the server certificate is sent to the update device, the server certificate contains information such as a public key, the receiving unit 6031 receives the public key, and the checking unit 6032 checks whether the public key is valid, and specifically, whether the issuing authority is legal, whether the certificate expires, etc.
  • the generating unit 6033 After the update device determines that the public key is valid, the generating unit 6033 generates a random value, and then the encryption unit 6034 encrypts the random value by using the public key, and the sending unit 6035 sends the random value to the server, and the server uses the private key corresponding to the public key.
  • the key decryption obtains the random value, which is a symmetric key, which is used by the server to encrypt data sent to the device to be updated, and is also used by the device to be updated to decrypt data sent by the server.
  • the device to be updated and the server complete the establishment of the secure link, and then the information transmitted between the two parties is encrypted by using the first cryptographic algorithm and the symmetric key.
  • the first establishing module 603 can also establish a secure link by other means, which is not limited herein.
  • the server determines an update package corresponding to the device to be updated, and sends the update package to the server through the secure link, and the receiving module 604 receives the update package sent by the server through the secure link.
  • the update packet may carry a second cryptographic algorithm, where the second cryptographic algorithm is used to indicate that the device to be updated verifies the cryptographic algorithm used by the update packet, and the second cryptographic algorithm does not include the target cryptographic algorithm.
  • the verification unit 6051 of the update module 605 uses the second cryptographic algorithm to verify the update package, and checks whether the update package has an operator or a device vendor. Legal signature, if the signature is legal, the verification passes, triggering the disable unit 6052.
  • the disabling unit 6052 disables the target cryptographic algorithm according to the update package.
  • the second establishing module 606 may further establish an algorithm usage table, where the algorithm usage table is used to indicate that the device to be updated may The cryptographic algorithm used and the cryptographic algorithm that is prohibited.
  • the algorithm usage table may be refreshed according to the update package.
  • the receiving module 604 receives the update packet sent by the server, and after the verification packet is verified, the identifier subunit 60521 identifies the target cryptographic algorithm as a cipher algorithm forbidden in the algorithm usage table.
  • the flag position "1" can be used to indicate a cryptographic algorithm that can be used, and "0" is used to indicate a cipher algorithm that is prohibited from being used.
  • the cryptographic algorithm indicated in the cryptographic algorithm using the table may be a cryptographic algorithm in the software part of the chip or a cryptographic algorithm in the hardware module of the device.
  • the identifier sub-unit 60521 can also identify the cryptographic algorithms of the units as prohibited. Password algorithm.
  • the identifier sub-unit 60521 may add the cryptographic algorithm to the algorithm usage table according to the update package, and identify the password as available. algorithm.
  • an embodiment of the server in the embodiment of the present invention includes:
  • the first sending module 701 is configured to send an update signal, where the update signal is used to indicate that the device to be updated disables the unsafe target cryptographic algorithm;
  • the receiving module 702 is configured to receive a secure link request sent by the device to be updated.
  • the specifying module 703 is configured to specify a first cryptographic algorithm corresponding to the secure link request, and notify the device to be updated by the first cryptographic algorithm, where the first cryptographic algorithm does not include the target cryptographic algorithm;
  • the establishing module 704 is configured to establish a secure link with the to-be-updated device by using a first cryptographic algorithm specified by the specifying module 703;
  • the second sending module 705 is configured to send an update package to the device to be updated by using the secure link established by the establishing module 704.
  • the server determines that the target cryptographic algorithm in the device to be updated is disabled, the first sending module 701 sends an update signal, and after the receiving module 702 receives the secure link request of the device to be updated, the specifying module 703 specifies the first The cryptographic algorithm, the establishing module 704 uses the cryptographic algorithm to establish a secure link with the device to be updated, and the second sending module 705 sends the update packet through the secure link, so that the device to be updated updates according to the update package, and the first cryptographic algorithm does not include an update.
  • FIG. 8 another embodiment of the server in the embodiment of the present invention includes:
  • the first sending module 801 is configured to send an update signal, where the update signal is used to indicate that the device to be updated disables the unsafe target cryptographic algorithm;
  • the receiving module 802 is configured to receive a secure link request sent by the device to be updated
  • the specifying module 803 is configured to specify a first cryptographic algorithm corresponding to the secure link request, and notify the device to be updated by the first cryptographic algorithm, where the first cryptographic algorithm does not include the target cryptographic algorithm;
  • the establishing module 804 is configured to establish a secure link with the device to be updated by using a first cryptographic algorithm specified by the specifying module 803;
  • a second sending module 805, configured to send, by using a secure link established by the establishing module 804, an update package to the device to be updated;
  • the specifying module 803 includes:
  • a determining unit 8031 configured to determine, according to the secure link request, a set of cryptographic algorithms in the device to be updated, where the cryptographic algorithm set includes at least two cryptographic algorithms;
  • the determining unit 8032 is configured to determine whether the target cryptographic algorithm is included in the cryptographic algorithm set determined by the determining unit 8031;
  • the selecting unit 8033 is configured to: when the determining unit 8032 determines that the target cryptographic algorithm is included in the cryptographic algorithm set, determine other cryptographic algorithms other than the target cryptographic algorithm in the cryptographic algorithm set, and select the first cryptographic algorithm from other cryptographic algorithms.
  • the server determines that the target cryptographic algorithm in the device to be updated is disabled, the first sending module 801 sends an update signal, and after the receiving module 802 receives the secure link request of the device to be updated, the specifying module 803 specifies the first The cryptographic algorithm, the establishing module 804 uses the cryptographic algorithm to establish a secure link with the device to be updated, and the second sending module 805 sends the update packet through the secure link, so that the device to be updated updates according to the update package, and the first cryptographic algorithm does not include an update.
  • the device to be updated and the server to be updated in the embodiment of the present invention are described in the above, and the device to be updated in the embodiment of the present invention is described in the following.
  • the ARM-based device such as a mobile phone, a tablet computer, a PDA (Personal Digital Assistant), a base station, a vehicle-mounted computer, and the like
  • the following is a mobile phone as an example.
  • the device to be updated in the embodiment of the present invention is used.
  • Another embodiment package include:
  • a radio frequency (RF) circuit 910 a radio frequency (RF) circuit 910, a memory 920, an input unit 930, a display unit 940, a sensor 950, an audio circuit 960, a wireless fidelity (WiFi) module 970, a processor 980, and a power supply 990.
  • RF radio frequency
  • the RF circuit 910 can be used for receiving and transmitting signals during and after receiving or transmitting information, in particular, after receiving the downlink information of the base station, and processing it to the processor 980; in addition, transmitting the designed uplink data to the base station.
  • RF circuit 910 includes, but is not limited to, an antenna, at least one amplifier, a transceiver, a coupler, a Low Noise Amplifier (LNA), a duplexer, and the like.
  • LNA Low Noise Amplifier
  • RF circuitry 910 can also communicate with the network and other devices via wireless communication.
  • the above wireless communication may use any communication standard or protocol, including but not limited to Global System of Mobile communication (GSM), General Packet Radio Service (GPRS), Code Division Multiple Access (Code Division). Multiple Access (CDMA), Wideband Code Division Multiple Access (WCDMA), Long Term Evolution (LTE), E-mail, Short Messaging Service (SMS), and the like.
  • GSM Global System of Mobile communication
  • GPRS General Packe
  • the memory 920 can be used to store software programs and modules, and the processor 980 executes various functional applications and data processing of the mobile phone by running software programs and modules stored in the memory 920.
  • the memory 920 may mainly include a storage program area and a storage data area, wherein the storage program area may store an operating system, an application required for at least one function (such as a sound playing function, an image playing function, etc.), and the like; the storage data area may be stored according to Data created by the use of the mobile phone (such as audio data, phone book, etc.).
  • memory 920 can include high speed random access memory, and can also include non-volatile memory, such as at least one magnetic disk storage device, flash memory device, or other volatile solid state storage device.
  • the input unit 930 can be configured to receive input numeric or character information and to generate key signal inputs related to user settings and function controls of the handset.
  • the input unit 930 may include a touch panel 931 and other input devices 932.
  • Touch panel 931 also known as a touch screen, can collect users in it Touch operation on or near (such as the user using a finger, a stylus, or the like, on any touch object 931 or in the vicinity of the touch panel 931), and driving the corresponding connection device according to a preset program .
  • the touch panel 931 can include two parts: a touch detection device and a touch controller.
  • the touch detection device detects the touch orientation of the user, and detects a signal brought by the touch operation, and transmits the signal to the touch controller; the touch controller receives the touch information from the touch detection device, converts the touch information into contact coordinates, and sends the touch information.
  • the processor 980 is provided and can receive commands from the processor 980 and execute them.
  • the touch panel 931 can be implemented in various types such as resistive, capacitive, infrared, and surface acoustic waves.
  • the input unit 930 may also include other input devices 932.
  • other input devices 932 may include, but are not limited to, one or more of a physical keyboard, function keys (such as volume control buttons, switch buttons, etc.), trackballs, mice, joysticks, and the like.
  • the display unit 940 can be used to display information input by the user or information provided to the user as well as various menus of the mobile phone.
  • the display unit 940 can include a display panel 941.
  • the display panel 941 can be configured in the form of a liquid crystal display (LCD), an organic light-emitting diode (OLED), or the like.
  • the touch panel 931 can cover the display panel 941. When the touch panel 931 detects a touch operation on or near the touch panel 931, the touch panel 931 transmits to the processor 980 to determine the type of the touch event, and then the processor 980 according to the touch event. The type provides a corresponding visual output on display panel 941.
  • touch panel 931 and the display panel 941 are used as two independent components to implement the input and input functions of the mobile phone in FIG. 9, in some embodiments, the touch panel 931 and the display panel 941 may be integrated. Realize the input and output functions of the phone.
  • the handset may also include at least one type of sensor 950, such as a light sensor, motion sensor, and other sensors.
  • the light sensor may include an ambient light sensor and a proximity sensor, wherein the ambient light sensor may adjust the brightness of the display panel 941 according to the brightness of the ambient light, and the proximity sensor may close the display panel 941 and/or when the mobile phone moves to the ear. Or backlight.
  • the accelerometer sensor can detect the magnitude of acceleration in all directions (usually three axes). When it is stationary, it can detect the magnitude and direction of gravity.
  • the mobile phone can be used to identify the gesture of the mobile phone (such as horizontal and vertical screen switching, related Game, magnetometer attitude calibration), vibration recognition related functions (such as pedometer, tapping), etc.; as for the mobile phone can also be configured with gyroscopes, barometers, hygrometers, thermometers, infrared sensors and other sensors, no longer Narration.
  • the gesture of the mobile phone such as horizontal and vertical screen switching, related Game, magnetometer attitude calibration
  • vibration recognition related functions such as pedometer, tapping
  • the mobile phone can also be configured with gyroscopes, barometers, hygrometers, thermometers, infrared sensors and other sensors, no longer Narration.
  • Audio circuit 960, speaker 961, microphone 962 can provide audio connection between the user and the mobile phone mouth.
  • the audio circuit 960 can transmit the converted electrical data of the received audio data to the speaker 961, and convert it into a sound signal output by the speaker 961.
  • the microphone 962 converts the collected sound signal into an electrical signal, and the audio circuit 960 After receiving, it is converted into audio data, and then processed by the audio data output processor 980, sent to the other mobile phone via the RF circuit 910, or outputted to the memory 920 for further processing.
  • WiFi is a short-range wireless transmission technology
  • the mobile phone can help users to send and receive emails, browse web pages, and access streaming media through the WiFi module 970, which provides users with wireless broadband Internet access.
  • FIG. 9 shows the WiFi module 970, it can be understood that it does not belong to the essential configuration of the mobile phone, and can be omitted as needed within the scope of not changing the essence of the invention.
  • the processor 980 is the control center of the handset, which connects various portions of the entire handset using various interfaces and lines, by executing or executing software programs and/or modules stored in the memory 920, and invoking data stored in the memory 920, executing The phone's various functions and processing data, so that the overall monitoring of the phone.
  • the processor 980 may include one or more processing units; preferably, the processor 980 may integrate an application processor and a modem processor, where the application processor mainly processes an operating system, a user interface, an application, and the like.
  • the modem processor primarily handles wireless communications. It will be appreciated that the above described modem processor may also not be integrated into the processor 980.
  • the handset also includes a power source 990 (such as a battery) that supplies power to the various components.
  • a power source 990 such as a battery
  • the power source can be logically coupled to the processor 980 through a power management system to manage functions such as charging, discharging, and power management through the power management system.
  • the mobile phone may further include a camera, a Bluetooth module, and the like, and details are not described herein again.
  • the processor 980 included in the terminal further has the following functions:
  • the update signal is used to indicate that the system has an update package, and the update package is used to indicate that the mobile phone disables the target password algorithm;
  • the update package carries the a second cryptographic algorithm
  • the second cryptographic algorithm is used to instruct the mobile phone to verify a cryptographic algorithm used by the update packet, and the second cryptographic algorithm does not include the target cryptographic algorithm
  • the processor also performs the following processes:
  • the update packet is verified using the second cryptographic algorithm, and if the verification passes, the target cryptographic algorithm is disabled according to the update package.
  • the processor further performs the following process:
  • Establishing an algorithm usage table which uses a table to indicate a cryptographic algorithm that can be used by the mobile phone and a cipher algorithm that is prohibited from being used;
  • the target cryptographic algorithm is identified in the algorithm usage table as a cryptographic algorithm that is prohibited from use.
  • the processor specifically performs the following process:
  • the symmetric key is used by the server to encrypt data sent to the mobile phone, and the mobile phone decrypts data sent by the server.
  • FIG. 10 is a schematic structural diagram of a server according to an embodiment of the present invention.
  • the server 1000 may be relatively large due to different configurations or performances. The difference may include one or more central processing units (CPU) 1022 (eg, one or more processors) and memory 1032, one or more storage media 1030 that store application 1042 or data 1044 ( For example, one or one storage device in Shanghai).
  • the memory 1032 and the storage medium 1030 may be short-term storage or persistent storage.
  • the program stored on storage medium 1030 may include one or more modules (not shown), each of which may include a series of instruction operations in the server.
  • the central processor 1022 can be configured to communicate with the storage medium 1030 on which a series of instruction operations in the storage medium 1030 are performed.
  • Server 1000 may also include one or more power sources 1026, one or more wired or wireless network interfaces 1050, one or more input and output interfaces 1058, and/or one or one More than one operating system 1041, such as Windows ServerTM, Mac OS XTM, UnixTM, LinuxTM, FreeBSDTM, and the like.
  • operating system 1041 such as Windows ServerTM, Mac OS XTM, UnixTM, LinuxTM, FreeBSDTM, and the like.
  • the central processing unit 1022 specifically performs the following steps:
  • the update signal is used to indicate that the device to be updated disables the unsafe target cryptographic algorithm
  • the update package is sent to the device to be updated through the secure link.
  • the central processing unit 1001 specifically performs the following processes:
  • the disclosed system, apparatus, and method may be implemented in other manners.
  • the device embodiments described above are merely illustrative.
  • the division of the unit is only a logical function division.
  • there may be another division manner for example, multiple units or components may be combined or Can be integrated into another system, or some features can be ignored or not executed.
  • the mutual coupling or direct coupling or communication connection shown or discussed may be an indirect coupling or communication connection through some interface, device or unit, and may be in an electrical, mechanical or other form.
  • the units described as separate components may or may not be physically separated, and the components displayed as units may or may not be physical units, that is, may be located in one place, or may be distributed to multiple network units. Some or all of the units may be selected according to actual needs to achieve the purpose of the solution of the embodiment.
  • each functional unit in various embodiments of the present invention may be integrated in one processing unit. It is also possible that each unit physically exists alone, or two or more units may be integrated in one unit.
  • the above integrated unit can be implemented in the form of hardware or in the form of a software functional unit.
  • the integrated unit if implemented in the form of a software functional unit and sold or used as a standalone product, may be stored in a computer readable storage medium.
  • the technical solution of the present invention which is essential or contributes to the prior art, or all or part of the technical solution, may be embodied in the form of a software product stored in a storage medium.
  • a number of instructions are included to cause a computer device (which may be a personal computer, server, or network device, etc.) to perform all or part of the steps of the methods described in various embodiments of the present invention.
  • the foregoing storage medium includes: a U disk, a mobile hard disk, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and the like. .

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Mobile Radio Communication Systems (AREA)

Abstract

L'invention concerne un procédé de mise à jour d'algorithme, un dispositif devant être mis à jour, et un serveur. Dans le procédé selon l'invention, un dispositif devant être mis à jour : détecte un signal de mise à jour transmis par un serveur, le signal de mise à jour étant configuré pour indiquer si un système comprend un progiciel de mise à jour configuré pour ordonner au dispositif devant être mis à jour de désactiver un algorithme cryptographique cible ; transmet une demande de liaison sécurisée, au serveur ; établit une liaison sécurisée avec le serveur au moyen d'un premier algorithme cryptographique spécifié par le serveur, le premier algorithme cryptographique ne contenant pas l'algorithme cryptographique cible ; reçoit, via la liaison sécurisée, le progiciel de mise à jour transmis par le serveur ; et se met à jour selon le progiciel de mise à jour.
PCT/CN2015/082860 2015-06-30 2015-06-30 Procédé de mise à jour d'algorithme, dispositif devant être mis à jour, et serveur WO2017000237A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN201580027214.0A CN107925565B (zh) 2015-06-30 2015-06-30 算法更新方法、待更新设备及服务器
PCT/CN2015/082860 WO2017000237A1 (fr) 2015-06-30 2015-06-30 Procédé de mise à jour d'algorithme, dispositif devant être mis à jour, et serveur

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2015/082860 WO2017000237A1 (fr) 2015-06-30 2015-06-30 Procédé de mise à jour d'algorithme, dispositif devant être mis à jour, et serveur

Publications (1)

Publication Number Publication Date
WO2017000237A1 true WO2017000237A1 (fr) 2017-01-05

Family

ID=57607477

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2015/082860 WO2017000237A1 (fr) 2015-06-30 2015-06-30 Procédé de mise à jour d'algorithme, dispositif devant être mis à jour, et serveur

Country Status (2)

Country Link
CN (1) CN107925565B (fr)
WO (1) WO2017000237A1 (fr)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113708921A (zh) * 2020-05-22 2021-11-26 华为技术有限公司 一种基于冗余密码算法进行安全启动的方法及设备

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109587665B (zh) * 2018-11-20 2023-06-06 陕西师范大学 无SSID广播的WiFi组网方法和装置

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101110672A (zh) * 2006-07-19 2008-01-23 华为技术有限公司 通信系统中建立esp安全联盟的方法和系统
CN101374153A (zh) * 2007-08-23 2009-02-25 中国移动通信集团公司 安全激活第三方应用的方法、第三方服务器、终端及系统
CN102170355A (zh) * 2011-04-27 2011-08-31 北京深思洛克软件技术股份有限公司 信息安全设备中远程升级密钥管理方法
US20150047007A1 (en) * 2005-09-20 2015-02-12 Ohva, Inc. Methods and Apparatus for Enabling Secure Network-Based Transactions

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
GB2471455A (en) * 2009-06-29 2011-01-05 Nec Corp Secure network connection
CN101997679A (zh) * 2009-08-21 2011-03-30 华为终端有限公司 加密信息协商方法、设备及网络系统
CN101695038A (zh) * 2009-10-27 2010-04-14 联想网御科技(北京)有限公司 检测ssl加密数据安全性的方法及装置
EP2907330B1 (fr) * 2012-10-09 2018-07-25 Nokia Technologies Oy Procédé et appareil de désactivation d'algorithmes dans un dispositif

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150047007A1 (en) * 2005-09-20 2015-02-12 Ohva, Inc. Methods and Apparatus for Enabling Secure Network-Based Transactions
CN101110672A (zh) * 2006-07-19 2008-01-23 华为技术有限公司 通信系统中建立esp安全联盟的方法和系统
CN101374153A (zh) * 2007-08-23 2009-02-25 中国移动通信集团公司 安全激活第三方应用的方法、第三方服务器、终端及系统
CN102170355A (zh) * 2011-04-27 2011-08-31 北京深思洛克软件技术股份有限公司 信息安全设备中远程升级密钥管理方法

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113708921A (zh) * 2020-05-22 2021-11-26 华为技术有限公司 一种基于冗余密码算法进行安全启动的方法及设备
JP2023526656A (ja) * 2020-05-22 2023-06-22 華為技術有限公司 冗長暗号化アルゴリズムに基づいてセキュアブートを実行するための方法およびデバイス
EP4142207A4 (fr) * 2020-05-22 2023-10-18 Huawei Technologies Co., Ltd. Procédé et dispositif d'amorçage sécurisé à base d'algorithme cryptographique redondant
JP7479517B2 (ja) 2020-05-22 2024-05-08 華為技術有限公司 冗長暗号化アルゴリズムに基づいてセキュアブートを実行するための方法およびデバイス
US12021982B2 (en) 2020-05-22 2024-06-25 Huawei Technologies Co., Ltd. Method for performing secure boot based on redundant cryptographic algorithm and device

Also Published As

Publication number Publication date
CN107925565B (zh) 2020-08-07
CN107925565A (zh) 2018-04-17

Similar Documents

Publication Publication Date Title
US12041165B2 (en) Key updating method, apparatus, and system
WO2018176781A1 (fr) Procédé d'envoi d'informations, procédé de réception d'informations, appareil et système
CN109600223B (zh) 验证方法、激活方法、装置、设备及存储介质
KR102024331B1 (ko) 메시지 보호 방법, 관련 장치 및 시스템
WO2017041599A1 (fr) Procédé de traitement de service et dispositif électronique
CN107483213B (zh) 一种安全认证的方法、相关装置及系统
WO2015101273A1 (fr) Procédé de vérification de sécurité et dispositif et système associés
CN104579668B (zh) 一种用户身份的验证方法和密码保护装置及验证系统
CN104954126B (zh) 敏感操作验证方法、装置及系统
WO2017020630A1 (fr) Procédé, appareil et système de traitement d'informations de commandes
US10454905B2 (en) Method and apparatus for encrypting and decrypting picture, and device
CN106845177A (zh) 密码管理方法及系统
WO2015027712A1 (fr) Procédé d'accès à un réseau d'un terminal mobile, terminal mobile et dispositif de terminal
WO2020164526A1 (fr) Procédé de commande pour nœuds dans un système distribué et dispositif associé
WO2018201991A1 (fr) Procédé de traitement de données, système, appareil, support d'informations et dispositif
CN111355707B (zh) 一种数据处理方法及相关设备
WO2020192794A1 (fr) Procédé de déverrouillage de véhicule et dispositif associé
CN106713319B (zh) 终端间的远程控制方法、装置、系统及移动终端
WO2017000237A1 (fr) Procédé de mise à jour d'algorithme, dispositif devant être mis à jour, et serveur
CN114697007A (zh) 一种密钥管理的方法、相应装置及系统
CN108737341B (zh) 业务处理方法、终端及服务器
WO2017117775A1 (fr) Procédé et système de gestion de la sécurité de communications, et dispositif associé
CN111756733A (zh) 一种身份认证方法和相关装置
CN111526249A (zh) 一种信息处理方法和电子设备

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 15896768

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 15896768

Country of ref document: EP

Kind code of ref document: A1