WO2020151194A1 - Secure storage method based on domestic cryptography chip - Google Patents

Secure storage method based on domestic cryptography chip Download PDF

Info

Publication number
WO2020151194A1
WO2020151194A1 PCT/CN2019/094188 CN2019094188W WO2020151194A1 WO 2020151194 A1 WO2020151194 A1 WO 2020151194A1 CN 2019094188 W CN2019094188 W CN 2019094188W WO 2020151194 A1 WO2020151194 A1 WO 2020151194A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
key
encryption
block
blocks
Prior art date
Application number
PCT/CN2019/094188
Other languages
French (fr)
Chinese (zh)
Inventor
孙玉玺
秦法林
杨兴康
王晓玉
尹相彦
Original Assignee
山东华芯半导体有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 山东华芯半导体有限公司 filed Critical 山东华芯半导体有限公司
Publication of WO2020151194A1 publication Critical patent/WO2020151194A1/en

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories

Definitions

  • the invention relates to a storage method, in particular, a safe storage method based on a national secret chip, belonging to the technical field of data storage.
  • the technical problem to be solved by the present invention is to provide a secure storage method based on a national secret chip, which uses different keys for different storage blocks.
  • the storage block keys are generated each time they are used and are not stored in the chip, even if Cracking a certain key cannot parse the entire disk data, which greatly increases the difficulty of cracking the entire disk data and enhances the security of the key and data.
  • the technical solution adopted by the present invention is: a secure storage method based on a national secret chip, including the following steps: S01), divide the LBA data into multiple blocks, and configure different blocks for different blocks. S02), the key and the national secret chip ID are XORed to generate a new key, and then the new key is XORed with the LBA of this block to generate specific Block encryption and decryption key, and then use SM3 algorithm to calculate the hash result of the new key to generate fixed-length data, which is the final encryption and decryption key of the block; S03), key expansion and data transmission parallel , In the data transmission stage, obtain the LBA and data length, calculate and configure the key of the LBA block, the national secret chip hardware performs key expansion, and the memory reads or receives the data. After the data is read or received, the data is split package.
  • SM4 and SM1 algorithms are randomly selected for encryption calculation.
  • every 256 LBAs is a group of 128KB data
  • the LBA is divided into 3 blocks
  • the data header and the data tail fall into the same block or two consecutive blocks after the data is split .
  • the second block needs to be configured with a key for key expansion before the data can be transmitted.
  • the present invention improves the data security of the entire device through a scheme of using different keys for different storage blocks and randomly selecting encryption algorithms.
  • the storage block key is generated every time it is used, and it does not Stored in the chip, even if a certain key is cracked, the entire disk data cannot be parsed, which greatly enhances the difficulty of cracking the entire disk data and the security of the key.
  • the division and encryption of storage blocks fully consider the behavior of the operating system and the characteristics of the protocol, and do not cause loss of performance. This solution is suitable for fields and industries that require high data security levels, greatly improving data security.
  • Figure 1 is a schematic diagram of continuous reading and writing hand capture under Windows
  • Figure 2 is a schematic diagram of continuous reading and writing manual packet capture under Linux
  • Figure 3 is a schematic diagram of data splitting
  • FIG. 4 is a flowchart of key synthesis
  • Figure 5 is a flow chart of BOT transmission
  • FIG. 6 is a flowchart of data encryption in Embodiment 1;
  • This embodiment discloses a secure storage method based on a national secret chip.
  • the model of the national secret chip is HX6802.
  • the chip supports a USB3.0 interface.
  • the internal hardware implements algorithms such as national secret SM1, SM2, SM3, SM4, etc., and has obtained National commercial secret.
  • the data stored in NandFlash is encrypted by the hardware symmetric encryption module of the main control chip, and the data is in cipher text.
  • the encryption and decryption keys are compounded according to the factors of LBA (Minimum Data Operation Unit of Storage Device), chip ID and key. Calculate, form keys for different blocks, and specify different encryption algorithms to enhance data security. Even if a certain part of the key is cracked, the entire disk information cannot be obtained.
  • LBA Minimum Data Operation Unit of Storage Device
  • the present invention includes the following steps:
  • the unit of measurement for storage device writing is LBA, each LBA 512 bytes, and the data transmitted each time must be an integer multiple of the LBA.
  • An important reference for the performance indicators of storage devices is continuous read and write, which is often referred to as seq r/w. If the block is too small, it will cause the firmware to continuously interrupt the NandFlash read and write operations for key configuration and expansion, which will seriously reduce the performance; and if the block is too large, it will reduce the data encryption security.
  • mainstream Windows and Linux systems generally read and write large files that are split into fixed-size packet lengths. See Figure 1 (Continuous Read and Write Packet Capture under Windows) for each 128KB group.
  • Each 120KB group is divided into blocks. According to the principle of compatibility, each 256 LBA, that is, 128KB data is used as a group, divided into encryption and decryption blocks, and different encryption and decryption blocks are configured for different encryption and decryption blocks. Key for encryption and decryption.
  • the LBA data is divided into 3 blocks. According to the data splitting, there are 3 situations. As shown in Figure 3, 1. The data header falls within the first 128KB block, and the data tail falls on In the second 128KB block; 2. The data header falls in the second 128KB block, and the data tail falls in the third 128KB block; 3. The data header and data tail fall in the second 128KB block Inside. When the data header and the data tail fall in two blocks, it needs to be split twice, and the key is configured twice to write the data into the NandFlash twice. The actual measurement will not affect the continuous read and write performance.
  • Each chip has a unique ID value.
  • the first step is to perform an XOR operation on the key and the national secret chip ID to generate a new key, and then perform the newly generated key and the LBA of the block XOR operation generates encryption and decryption keys for different encrypted blocks, and then uses SM3 algorithm to calculate the hash result of the new key to generate fixed-length data, which is the final encryption and decryption key of the block. See Figure 4.
  • Each block key is calculated and generated, and the ID of each chip is different. Even if different devices are configured with the same key, the actual key is different. Even if the key is obtained, the method of generating the block key is not known. Unable to obtain the real key.
  • the encryption algorithm selection selects different symmetric encryption algorithms according to the parity of the lowest bit of the block key.
  • two algorithms, SM4 and SM1 are randomly selected, which further increases the difficulty of cracking.
  • the mass storage device USB3.0 device is generally based on the BOT protocol, and the flow chart of using SCSI commands for transmission is shown in Figure 5.
  • Key expansion generally takes a certain amount of time, so an optimization measure is adopted.
  • the CBW stage of data transmission the LBA and data length are obtained, the key of the block is calculated, and then the key of the first group of blocks is configured first.
  • the hardware performs key expansion, and at the same time, the USB3.0 hardware receives data from the host computer (Data Out), or the NandFlash controller reads data from NandFlash (Data In). After all the data is processed in the hardware FIFO, the data is removed.
  • the encryption process, the distance between the process of writing data from the PC to the USB storage device, and the decryption process are the reverse process of the encryption process, as shown in FIG. 6, including the following steps:
  • the PC sends the LBA and data transmission volume to the HX6802, and the HX6802 obtains the LBA offset and the data volume LBA range;
  • HX6802 calculates the key and the synthetic key of LBA, and the synthetic key calls SM3 calculation to generate the block key;
  • HX6802 selects the encryption method according to the parity of the lowest bit of the synthetic key
  • the PC configures the key for key expansion, and sends data to the HX6802;
  • HX6802 selects an encryption algorithm and performs key extension
  • HX6802 splits the data packet, selects the LBA block, hardware encryption, data ciphertext writing, and the transmission is completed;
  • the data block encryption and decryption, encryption and decryption encryption method and key of the present invention are randomly calculated and generated according to different devices.
  • the data key of each encrypted block is changed, and the data block key is not stored in the device. It is calculated and generated during use. Improve the security level of key protection.
  • the key is combined with the hash result of the chip ID, block LBA and SM3, and the result is irreversible, which enhances the randomness of the key and the difficulty of cracking.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Storage Device Security (AREA)

Abstract

A secure storage method based on a domestic cryptography chip. The method comprises: dividing LBA data into a plurality of blocks, and configuring different keys for different blocks to perform encryption and decryption; performing an exclusive OR operation on one key and a domestic cryptography chip ID to generate a new key, performing an exclusive OR operation on the new key and an LBA of the current block to generate encryption and decryption keys for different blocks, and then calculating a Hash result of the new key by means of an SM3 algorithm to generate data of a fixed length, wherein the data is a final encryption and decryption key of the block; and performing key extension and data transmission in parallel. A storage block key is generated each time same is used, and is not stored inside a chip, and even if a certain key is cracked, full-disk data cannot be parsed, thereby greatly enhancing the difficulty of cracking the full-disk data, and enhancing the security of the key and the data.

Description

一种基于国密芯片的安全存储方法A safe storage method based on national secret chip 技术领域Technical field
本发明涉及一种存储方法,具体的说,是一种基于国密芯片的安全存储方法,属于数据存储技术领域。The invention relates to a storage method, in particular, a safe storage method based on a national secret chip, belonging to the technical field of data storage.
背景技术Background technique
随着国家自主可控的需求和发展,数据安全作为一个重点为各个行业所重视,尤其是数据防泄漏和防破解,是数据安全的重点环节,本方案提供一种基于国密安全存储芯片,针对不同存储区域采用密钥随机和算法随机的加密方法,针对不同的区域通过不同的密钥和加密算法对数据进行加密,密钥的随机性和加密算法的不确定性,相比于特定密钥和指定加密算法,大大增强了数据破解的难度,本方案可用在存储安全领域推广,拥有广泛的应用前景。With the country’s independent and controllable needs and development, data security is a key focus of various industries, especially data leakage prevention and cracking prevention, which are key aspects of data security. This solution provides a security memory chip based on national secrets. The encryption method of random key and random algorithm is adopted for different storage areas, and the data is encrypted by different keys and encryption algorithms for different areas. The randomness of the key and the uncertainty of the encryption algorithm are compared with the specific encryption method. The key and the specified encryption algorithm greatly increase the difficulty of data cracking. This solution can be promoted in the field of storage security and has a wide range of application prospects.
发明内容Summary of the invention
本发明要解决的技术问题是提供一种基于国密芯片的安全存储方法,针对不同存储区块采用不同的密钥,存储区块密钥每次使用时产生,并不存入芯片内部,即使破解某个密钥,也无法解析出整盘数据,大大增强破解整盘数据的难度,增强密钥和数据的安全性。The technical problem to be solved by the present invention is to provide a secure storage method based on a national secret chip, which uses different keys for different storage blocks. The storage block keys are generated each time they are used and are not stored in the chip, even if Cracking a certain key cannot parse the entire disk data, which greatly increases the difficulty of cracking the entire disk data and enhances the security of the key and data.
为了解决所述技术问题,本发明采用的技术方案是:一种基于国密芯片的安全存储方法,包括以下步骤:S01)、将LBA数据分成分成多个区块,针对不同的区块配置不同的密钥进行加解密;S02)、将密钥和国密芯片ID进行异或运算,产生新的密钥,再将新的密钥与本区块的LBA进行异或操作,产生针对不同区块的加解密密钥,然后使用SM3算法将新的密钥计算哈希结果,产生固定长度的数据,该数据为该区块的最终加解密密钥;S03)、密钥扩展与数据传输并行,在数据发送阶段,获取LBA和数据长度,计算并配置LBA区块的密钥,国密芯片硬件进行密钥扩展,同时存储器读取或接收数据,数据全部读取或者接收后,进行数据拆包。In order to solve the technical problem, the technical solution adopted by the present invention is: a secure storage method based on a national secret chip, including the following steps: S01), divide the LBA data into multiple blocks, and configure different blocks for different blocks. S02), the key and the national secret chip ID are XORed to generate a new key, and then the new key is XORed with the LBA of this block to generate specific Block encryption and decryption key, and then use SM3 algorithm to calculate the hash result of the new key to generate fixed-length data, which is the final encryption and decryption key of the block; S03), key expansion and data transmission parallel , In the data transmission stage, obtain the LBA and data length, calculate and configure the key of the LBA block, the national secret chip hardware performs key expansion, and the memory reads or receives the data. After the data is read or received, the data is split package.
进一步的,进行加密计算时,根据区块最终加解密密钥最低位的奇偶性,选择不同的对称加密算法。Further, when performing encryption calculation, different symmetric encryption algorithms are selected according to the parity of the lowest bit of the final encryption and decryption key of the block.
进一步的,进行加密计算时,随机选择SM4、SM1算法进行加密计算。Further, when performing encryption calculation, SM4 and SM1 algorithms are randomly selected for encryption calculation.
进一步的,步骤S01中,每256个LBA即每128KB数据为一组,将LBA分成3个区块,数据拆分后数据头和数据尾落入同一个区块或者连续的两个区块内。Further, in step S01, every 256 LBAs is a group of 128KB data, the LBA is divided into 3 blocks, and the data header and the data tail fall into the same block or two consecutive blocks after the data is split .
进一步的,当数据横跨两个区块时,第二个区块需要先配置密钥进行密钥扩展,然 后才能传送数据。Further, when the data spans two blocks, the second block needs to be configured with a key for key expansion before the data can be transmitted.
本发明的有益效果:本发明通过一种针对不同存储区块采用不同的密钥和随机选择加密算法的方案,提高整个设备的数据安全性,存储区块密钥每次使用时产生,并不存入芯片内部,即使破解某个密钥,也无法解析出整盘数据,大大增强的破解整盘数据的难度和密钥的安全性。存储区块的划分和加密充分考虑操作系统的行为和协议的特点,不对性能造成损耗。该方案适用于对数据密级要求较高的领域和产业,大大提高数据的安全性。The beneficial effects of the present invention: the present invention improves the data security of the entire device through a scheme of using different keys for different storage blocks and randomly selecting encryption algorithms. The storage block key is generated every time it is used, and it does not Stored in the chip, even if a certain key is cracked, the entire disk data cannot be parsed, which greatly enhances the difficulty of cracking the entire disk data and the security of the key. The division and encryption of storage blocks fully consider the behavior of the operating system and the characteristics of the protocol, and do not cause loss of performance. This solution is suitable for fields and industries that require high data security levels, greatly improving data security.
附图说明Description of the drawings
图1为Windows下连续读写手抓包的示意图;Figure 1 is a schematic diagram of continuous reading and writing hand capture under Windows;
图2为Linux下连续读写手抓包的示意图;Figure 2 is a schematic diagram of continuous reading and writing manual packet capture under Linux;
图3为数据拆分情况的示意图;Figure 3 is a schematic diagram of data splitting;
图4为密钥合成的流程图;Figure 4 is a flowchart of key synthesis;
图5为BOT传输的流程图;Figure 5 is a flow chart of BOT transmission;
图6为实施例1中数据加密的流程图;Figure 6 is a flowchart of data encryption in Embodiment 1;
具体实施方式detailed description
下面结合附图和具体实施例对本发明作进一步的说明。The present invention will be further described below in conjunction with the drawings and specific embodiments.
实施例1Example 1
本实施例公开一种基于国密芯片的安全存储方法,所述国密芯片型号为HX6802,该芯片支持USB3.0接口,内部硬件实现国密SM1、SM2、SM3、SM4等算法,并已获得国家商密。存储在NandFlash中的数据通过主控芯片的硬件对称加密模块进行加密,数据均采用密文方式,加解密的密钥根据LBA(存储设备最小数据操作单位)、芯片ID和密钥为因子进行复合运算,形成针对不同区块的密钥,并指定不同的加密算法,增强数据的安全性。即使破解某部分密钥,也无法获取整盘信息。This embodiment discloses a secure storage method based on a national secret chip. The model of the national secret chip is HX6802. The chip supports a USB3.0 interface. The internal hardware implements algorithms such as national secret SM1, SM2, SM3, SM4, etc., and has obtained National commercial secret. The data stored in NandFlash is encrypted by the hardware symmetric encryption module of the main control chip, and the data is in cipher text. The encryption and decryption keys are compounded according to the factors of LBA (Minimum Data Operation Unit of Storage Device), chip ID and key. Calculate, form keys for different blocks, and specify different encryption algorithms to enhance data security. Even if a certain part of the key is cracked, the entire disk information cannot be obtained.
本发明包括以下步骤:The present invention includes the following steps:
S01)、LBA数据分块;S01), LBA data block;
存储设备写入计量单位是LBA,每个LBA 512字节,每次传输数据一定是是LBA的整数倍。存储设备的性能指标的一个重要参考是连续读写,也就是常说的seq r/w。如果分块过小,会导致固件连续打断对NandFlash读写操作而进行密钥配置、扩展,会严重降低性能;而分块过大,会降低数据的加密安全性、。们通过数据抓包发现,主流的Windows和Linux系统一般读写大文件会被拆分为固定大小的包长度,参见图1(Windows下连续读写抓包)每128KB一组进行分块,图2(Linux连续读写抓包)每120KB一组进行分块,按照兼容 原则,采取每256个LBA,也就是128KB数据为一组,划分加解密块,针对不同的加解密块配置不同的密钥进行加解密。The unit of measurement for storage device writing is LBA, each LBA 512 bytes, and the data transmitted each time must be an integer multiple of the LBA. An important reference for the performance indicators of storage devices is continuous read and write, which is often referred to as seq r/w. If the block is too small, it will cause the firmware to continuously interrupt the NandFlash read and write operations for key configuration and expansion, which will seriously reduce the performance; and if the block is too large, it will reduce the data encryption security. We found through data packet capture that mainstream Windows and Linux systems generally read and write large files that are split into fixed-size packet lengths. See Figure 1 (Continuous Read and Write Packet Capture under Windows) for each 128KB group. 2 (Linux continuous reading and writing packet capture) Each 120KB group is divided into blocks. According to the principle of compatibility, each 256 LBA, that is, 128KB data is used as a group, divided into encryption and decryption blocks, and different encryption and decryption blocks are configured for different encryption and decryption blocks. Key for encryption and decryption.
本实施例中,将LBA数据分成3个区块,根据数据拆分的情况,存在3种情况,如图3所示,1、数据头落在第一个128KB区块内,数据尾落在第二个128KB区块内;2、数据头落在第二个128KB区块内,数据尾落在第三个128KB区块内;3、数据头和数据尾都落在第二个128KB区块内。数据头和数据尾落在两个区块内时需要拆分两次,配置两次密钥分两次将数据写入NandFlash中。实测使用过程中不会对连续读写性能造成影响。In this embodiment, the LBA data is divided into 3 blocks. According to the data splitting, there are 3 situations. As shown in Figure 3, 1. The data header falls within the first 128KB block, and the data tail falls on In the second 128KB block; 2. The data header falls in the second 128KB block, and the data tail falls in the third 128KB block; 3. The data header and data tail fall in the second 128KB block Inside. When the data header and the data tail fall in two blocks, it needs to be split twice, and the key is configured twice to write the data into the NandFlash twice. The actual measurement will not affect the continuous read and write performance.
S02)、区块密钥生成S02), block key generation
每个芯片有唯一的ID值,为了加大随机性,第一步将密钥和国密芯片ID进行异或运算,产生新的密钥,再将新产生的密钥和区块的LBA进行异或操作,产生针对不同加密区块的加解密密钥,然后使用SM3算法将新的密钥计算哈希结果,产生固定长度的数据,该数据为该区块的最终加解密密钥,详见图4。每次区块密钥均计算生成,每个芯片的ID不同,即使不同设备配置相同的密钥,实际密钥也是不同的,即使获取到密钥,不了解区块密钥的生成方法,也无法获取真正的密钥。Each chip has a unique ID value. In order to increase the randomness, the first step is to perform an XOR operation on the key and the national secret chip ID to generate a new key, and then perform the newly generated key and the LBA of the block XOR operation generates encryption and decryption keys for different encrypted blocks, and then uses SM3 algorithm to calculate the hash result of the new key to generate fixed-length data, which is the final encryption and decryption key of the block. See Figure 4. Each block key is calculated and generated, and the ID of each chip is different. Even if different devices are configured with the same key, the actual key is different. Even if the key is obtained, the method of generating the block key is not known. Unable to obtain the real key.
同时加密算法选择根据区块密钥最低位的奇偶性,选择不同的对称加密算法。本实施例在加密时,采用的SM4和SM1两种算法随机选择,更加增大了破解难度。At the same time, the encryption algorithm selection selects different symmetric encryption algorithms according to the parity of the lowest bit of the block key. When encrypting in this embodiment, two algorithms, SM4 and SM1, are randomly selected, which further increases the difficulty of cracking.
S03)、密钥扩展与数据传输并行S03), key expansion and data transmission parallel
大容量存储设备USB3.0设备一般是基于BOT协议,采用SCSI指令进行传输的流程图详见图5。密钥扩展一般会需要一定的时间,所以采用一种优化措施,在数据发送CBW阶段,获取LBA和数据长度,计算出区块的密钥,然后先配置第一组区块的密钥,芯片硬件进行密钥扩展,同时USB3.0硬件这边从上位机接收数据(Data Out),或者NandFlash控制器这边从NandFlash读取数据(Data In),数据全部进行硬件的FIFO后,进行数据拆包,所以在大容量数据传输过程中,密钥和数据串行的情况最多只有一次,即当数据横跨两个区块,第二次需要先配置密钥进行密钥扩展,然后才能传送数据,这种方法降低了延时,提高性能。The mass storage device USB3.0 device is generally based on the BOT protocol, and the flow chart of using SCSI commands for transmission is shown in Figure 5. Key expansion generally takes a certain amount of time, so an optimization measure is adopted. In the CBW stage of data transmission, the LBA and data length are obtained, the key of the block is calculated, and then the key of the first group of blocks is configured first. The hardware performs key expansion, and at the same time, the USB3.0 hardware receives data from the host computer (Data Out), or the NandFlash controller reads data from NandFlash (Data In). After all the data is processed in the hardware FIFO, the data is removed. Package, so in the process of large-capacity data transmission, the key and data serial situation can only be done once at most, that is, when the data spans two blocks, the second time you need to configure the key for key expansion, and then transmit the data This method reduces latency and improves performance.
实施例2Example 2
本实施例以加密流程、PC机向USB存储设备写入数据过程距离,解密过程为加密过程的反过程,如图6所示,包括以下步骤:In this embodiment, the encryption process, the distance between the process of writing data from the PC to the USB storage device, and the decryption process are the reverse process of the encryption process, as shown in FIG. 6, including the following steps:
S01)、PC机向HX6802发送LBA和数据传输量,HX6802获取LBA偏移和数据量LBA范围;S01), the PC sends the LBA and data transmission volume to the HX6802, and the HX6802 obtains the LBA offset and the data volume LBA range;
S02)、HX6802计算密钥和LBA的合成密钥,合成密钥调用SM3运算生成区块密钥;S02), HX6802 calculates the key and the synthetic key of LBA, and the synthetic key calls SM3 calculation to generate the block key;
S03)、HX6802根据合成密钥最低位奇偶性选择加密方法;S03), HX6802 selects the encryption method according to the parity of the lowest bit of the synthetic key;
S04)、PC机配置密钥进行密钥扩展,向HX6802发送数据;S04) The PC configures the key for key expansion, and sends data to the HX6802;
S05)、HX6802选择加密算法,进行密钥扩展;S05), HX6802 selects an encryption algorithm and performs key extension;
S06)、HX6802拆分数据包,选定LBA区块,硬件加密,数据密文写入,传输完成;S06), HX6802 splits the data packet, selects the LBA block, hardware encryption, data ciphertext writing, and the transmission is completed;
S07)、至数据全部写入,指令相应,向PC机反馈指令完成。S07), until all data is written, the instruction is corresponding, and the instruction is completed to the PC.
本发明数据分块加解密,加解密密方法和密钥根据不同设备随机计算生成,每个加密块数据密钥均产生变化,并且数据块密钥不存储到设备中,使用过程中计算生成,提高密钥保护的安全等级。The data block encryption and decryption, encryption and decryption encryption method and key of the present invention are randomly calculated and generated according to different devices. The data key of each encrypted block is changed, and the data block key is not stored in the device. It is calculated and generated during use. Improve the security level of key protection.
密钥结合芯片ID、区块LBA和SM3的哈希结果,结果不可逆,增强密钥的随机性和破解难度。The key is combined with the hash result of the chip ID, block LBA and SM3, and the result is irreversible, which enhances the randomness of the key and the difficulty of cracking.
数据分块和配置密钥扩展的实际结合主流操作系统的方式和BOT协议的特点,充分保证性能。The actual combination of data block and configuration key extension is the way of mainstream operating systems and the characteristics of the BOT protocol to fully guarantee performance.
以上描述的仅是本发明的基本原理和优选实施例,本领域技术人体根据本发明做出的改进和替换,属于本发明的保护范围。What has been described above are only the basic principles and preferred embodiments of the present invention. Improvements and replacements made by the human body in the field according to the present invention belong to the protection scope of the present invention.

Claims (5)

  1. 一种基于国密芯片的安全存储方法,其特征在于:包括以下步骤:S01)、将LBA数据分成分成多个区块,针对不同的区块配置不同的密钥进行加解密;S02)、将密钥和国密芯片ID进行异或运算,产生新的密钥,再将新的密钥与本区块的LBA进行异或操作,产生针对不同区块的加解密密钥,然后使用SM3算法将新的密钥计算哈希结果,产生固定长度的数据,该数据为该区块的最终加解密密钥;S03)、密钥扩展与数据传输并行,在数据发送阶段,获取LBA和数据长度,计算并配置LBA区块的密钥,国密芯片硬件进行密钥扩展,同时存储器读取或接收数据,数据全部读取或者接收后,进行数据拆包。A secure storage method based on a national secret chip, which is characterized in that it includes the following steps: S01), dividing LBA data into multiple blocks, and configuring different keys for different blocks for encryption and decryption; S02), combining The key and the national secret chip ID are XORed to generate a new key, and then the new key is XORed with the LBA of this block to generate encryption and decryption keys for different blocks, and then use the SM3 algorithm Calculate the hash result of the new key to generate fixed-length data, which is the final encryption and decryption key of the block; S03), key expansion is parallel to data transmission, and in the data transmission phase, LBA and data length are obtained , Calculate and configure the key of the LBA block, the national secret chip hardware performs key expansion, and the memory reads or receives data at the same time. After all the data is read or received, the data is unpacked.
  2. 根据权利要求1所述的基于国密芯片的安全存储方法,其特征在于:进行加密计算时,根据区块最终加解密密钥最低位的奇偶性,选择不同的对称加密算法。The secure storage method based on the national secret chip according to claim 1, characterized in that when performing encryption calculation, different symmetric encryption algorithms are selected according to the parity of the lowest bit of the final encryption and decryption key of the block.
  3. 根据权利要求1所述的基于国密芯片的安全存储方法,其特征在于:进行加密计算时,随机选择SM4、SM1算法进行加密计算。The secure storage method based on a national secret chip according to claim 1, characterized in that when performing encryption calculation, SM4 and SM1 algorithms are randomly selected for encryption calculation.
  4. 根据权利要求1所述的基于国密芯片的安全存储方法,其特征在于:步骤S01中,每256个LBA即每128KB数据为一组,将LBA分成3个区块,数据拆分后数据头和数据尾落入同一个区块或者连续的两个区块内。The secure storage method based on the national secret chip according to claim 1, characterized in that: in step S01, every 256 LBAs, that is, every 128KB of data is a group, the LBAs are divided into 3 blocks, and the data header is split. The data tail falls into the same block or two consecutive blocks.
  5. 根据权利要求1所述的基于国密芯片的安全存储方法,其特征在于:当数据横跨两个区块时,第二个区块需要先配置密钥进行密钥扩展,然后才能传送数据。The secure storage method based on the national secret chip according to claim 1, wherein when the data spans two blocks, the second block needs to be configured with a key for key expansion before the data can be transmitted.
PCT/CN2019/094188 2019-01-24 2019-07-01 Secure storage method based on domestic cryptography chip WO2020151194A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201910066706.0A CN109840434A (en) 2019-01-24 2019-01-24 A kind of method for secure storing based on the close chip of state
CN201910066706.0 2019-01-24

Publications (1)

Publication Number Publication Date
WO2020151194A1 true WO2020151194A1 (en) 2020-07-30

Family

ID=66884103

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2019/094188 WO2020151194A1 (en) 2019-01-24 2019-07-01 Secure storage method based on domestic cryptography chip

Country Status (2)

Country Link
CN (1) CN109840434A (en)
WO (1) WO2020151194A1 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115408675A (en) * 2022-11-01 2022-11-29 湖北芯擎科技有限公司 Method, device, equipment and storage medium for generating eFuse Key

Families Citing this family (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109840434A (en) * 2019-01-24 2019-06-04 山东华芯半导体有限公司 A kind of method for secure storing based on the close chip of state
CN112887077B (en) * 2021-01-20 2023-04-21 深圳安捷丽新技术有限公司 SSD main control chip random cache confidentiality method and circuit
CN114065240A (en) * 2021-11-10 2022-02-18 南京信易达计算技术有限公司 Storage encryption system based on domestic AI chip architecture and control method

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN105426786A (en) * 2015-11-11 2016-03-23 清华大学 Data encryption/decryption method and system based on racetrack memory
US20160335208A1 (en) * 2011-09-30 2016-11-17 Intel Corporation Presentation of direct accessed storage under a logical drive model
CN107516047A (en) * 2017-08-08 2017-12-26 杭州中天微系统有限公司 A kind of data storage ciphering and deciphering device and method
CN109840434A (en) * 2019-01-24 2019-06-04 山东华芯半导体有限公司 A kind of method for secure storing based on the close chip of state

Family Cites Families (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN100561449C (en) * 2005-09-23 2009-11-18 中国科学院计算技术研究所 A kind of hard-disc fan-area data enciphering and deciphering method and system
CN101196877B (en) * 2007-12-29 2012-01-04 大唐微电子技术有限公司 Multiple memory cell operation isolated smart card and its implementing method
CN103390139A (en) * 2012-05-11 2013-11-13 慧荣科技股份有限公司 Data storage device and data protection method thereof
CN102930224A (en) * 2012-10-19 2013-02-13 华为技术有限公司 Hard drive data write/read method and device
WO2017101122A1 (en) * 2015-12-18 2017-06-22 深圳市振华微电子有限公司 Computer encryption lock having separating management and use

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20160335208A1 (en) * 2011-09-30 2016-11-17 Intel Corporation Presentation of direct accessed storage under a logical drive model
CN105426786A (en) * 2015-11-11 2016-03-23 清华大学 Data encryption/decryption method and system based on racetrack memory
CN107516047A (en) * 2017-08-08 2017-12-26 杭州中天微系统有限公司 A kind of data storage ciphering and deciphering device and method
CN109840434A (en) * 2019-01-24 2019-06-04 山东华芯半导体有限公司 A kind of method for secure storing based on the close chip of state

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115408675A (en) * 2022-11-01 2022-11-29 湖北芯擎科技有限公司 Method, device, equipment and storage medium for generating eFuse Key

Also Published As

Publication number Publication date
CN109840434A (en) 2019-06-04

Similar Documents

Publication Publication Date Title
WO2020151194A1 (en) Secure storage method based on domestic cryptography chip
US10659216B2 (en) Data processing method and apparatus
US8165301B1 (en) Input-output device and storage controller handshake protocol using key exchange for data security
US8666064B2 (en) Endecryptor capable of performing parallel processing and encryption/decryption method thereof
JP5306465B2 (en) Pre-calculation of message authentication code applied to secure memory
US20120269340A1 (en) Hierarchical encryption/decryption device and method thereof
CN112887077B (en) SSD main control chip random cache confidentiality method and circuit
CN106878013B (en) File encryption and decryption method and device
US9910790B2 (en) Using a memory address to form a tweak key to use to encrypt and decrypt data
JP2020529758A (en) Equipment and methods for encrypting and decrypting stored data
WO2012071714A1 (en) Data encryption and decryption method and device
CN111222148A (en) Key generation method, encryption method, decryption method and device
CN102541762A (en) Data protector for external memory and data protection method
CN113094718A (en) File encryption method and related device
CN104463020A (en) Method for protecting data integrity of memory
CN213876729U (en) Random cache secret circuit of SSD main control chip
CN116488794A (en) Method and device for realizing high-speed SM4 password module based on FPGA
KR101899130B1 (en) Methods for encrypting data, decrypting data and apparatus using the same
US20210232509A1 (en) Storage Controller, And File Processing Method, Apparatus, And System
CN110138559A (en) The method and system of quantum-key distribution are carried out to the terminal in platform area
KR20220085811A (en) One-time password generation
CN114095259B (en) Authentication encryption and decryption device and method
CN115865448A (en) Data self-encryption device and method
CN109714151A (en) Chip data processing method and system based on AES-GCM
CN114401081A (en) Data encryption transmission method, application and system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19911520

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19911520

Country of ref document: EP

Kind code of ref document: A1