WO2021129557A1 - Procédé de chiffrement de fichier et appareil associé - Google Patents

Procédé de chiffrement de fichier et appareil associé Download PDF

Info

Publication number
WO2021129557A1
WO2021129557A1 PCT/CN2020/137923 CN2020137923W WO2021129557A1 WO 2021129557 A1 WO2021129557 A1 WO 2021129557A1 CN 2020137923 W CN2020137923 W CN 2020137923W WO 2021129557 A1 WO2021129557 A1 WO 2021129557A1
Authority
WO
WIPO (PCT)
Prior art keywords
target
random number
file
key
descriptor
Prior art date
Application number
PCT/CN2020/137923
Other languages
English (en)
Chinese (zh)
Inventor
杨涛
张广宇
王海军
Original Assignee
华为技术有限公司
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by 华为技术有限公司 filed Critical 华为技术有限公司
Publication of WO2021129557A1 publication Critical patent/WO2021129557A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • G06F21/79Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data in semiconductor storage media, e.g. directly-addressable memories
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Definitions

  • This application relates to the field of information technology, and in particular to a file encryption method and related devices.
  • the security problems of smart terminals have become increasingly prominent: such as information leakage, fraud, and Trojan horse viruses. Therefore, users pay more and more attention to the safety of smart terminals.
  • current smart terminal storage systems generally use full disk encryption or file encryption to protect file information in smart terminals.
  • the file encryption method based on the existing Universal Flash Storage (UFS) protocol uses the limited key file encryption (total files limited keys) method, which is determined by the trusted execution environment in the processor ( Trust Execute Environment (TEE) configures 32 sets of initial keys ClassKey at one time, and then encrypts the files in the smart terminal with the initial keys.
  • UFS Universal Flash Storage
  • TEE Trust Execute Environment
  • the keys used in the encryption process of this file encryption method are all fixed 32 sets of initial keys. To the requirement of one file and one key, the encryption level is lower. If you want to implement a file with a key, you need to switch the TEE side to configure a new Class Key before switching to the file management module in the processor to encrypt the file before encrypting the file. It will lead to frequent interactions between TEE and file management modules, making the actual storage efficiency extremely low.
  • the embodiments of the present application provide a file encryption method and related equipment, which guarantee the storage efficiency and encryption level of file encryption at the same time under the condition of UFS transmission protocol.
  • an embodiment of the present application provides a file encryption device, including: a processor and a universal flash memory host UFS controller coupled with the above-mentioned processor; the above-mentioned processor is configured to send a first request to the above-mentioned UFS controller, The first request is used to request storage of the target file; the UFS controller is used to: obtain the target random number corresponding to the target file; generate the target file corresponding to the target file according to the target random number and the pre-stored first key The second key; the target file is encrypted by the second key to obtain the encrypted target file.
  • the UFS controller when it encrypts different files, it can first generate the encryption of different files according to the same initial key (first key) and the random number corresponding to each file in the different files. Key (second key), and then encrypt different files according to the key corresponding to each file in the different files, so that the encryption key used by each file in the file encryption process is different , Where each file has a unique random number corresponding to it. It is understandable that because the keys used for file encryption are different between different files, it can be ensured that after the encrypted storage of the file, the encrypted file is not easily hacked, resulting in information leakage. This encryption method can greatly improve the file’s security. Encryption level.
  • the method provided by the first aspect can ensure the storage efficiency and encryption level of file encryption at the same time based on the UFS transmission protocol.
  • the above UFS controller is also used to: obtain the above target file.
  • the target file can be obtained first before encrypting the target file.
  • the target file may be obtained by the UFS controller actively after the file management system of the processor generates the file, or it may be file management of the processor. After the system generates the file, the UFS controller passively receives it.
  • the file management module directly sends the target file to the UFS controller after creating the target file; another example: the file management module stores the target file in the temporary memory after creating the target file, and the storage address It is sent to the UFS controller together with the first request, and the UFS controller obtains the above-mentioned target file according to the storage address.
  • the UFS controller is further configured to: obtain the descriptor of the first request corresponding to the target file, the descriptor includes the data unit number DUN; the UFS controller is specifically used for: The target file is divided into multiple file data blocks; starting from a file data block corresponding to the DUN among the multiple file data blocks, the multiple file data blocks are sequentially encrypted according to the second key to obtain the encryption After the target file.
  • the initial encryption object of the target file (that is, the file data block corresponding to the above DUN among the multiple file data blocks) needs to be determined according to the DUN in the descriptor, and then Controlling the target file to perform an encrypted storage operation can improve the encryption level of the file while ensuring the storage efficiency of the file encryption.
  • the block length of the block encryption algorithm can be 128 bits
  • the key length can be 128 bits, 192 bits, or 256 bits of the advanced encryption standard encryption algorithm.
  • the above-mentioned processor is further configured to generate the above-mentioned target random number and the above-mentioned descriptor of the above-mentioned target file when the above-mentioned target file is created.
  • the file management module in the processor when the file management module in the processor creates the target file, it can generate the target random number uniquely corresponding to the target file and the first request descriptor corresponding to the target file. Therefore, the random numbers and descriptors corresponding to different files are different, which ensures the encryption level of file encryption, increases the difficulty of cracking the encrypted target file, and reduces the risk of target file leakage.
  • the aforementioned device further includes a dynamic random access memory coupled to the processor and the aforementioned UFS controller respectively; the aforementioned processor is further configured to: extend the aforementioned descriptor according to the aforementioned target random number to obtain The extended descriptor, the extended descriptor includes the target random number and the DUN; the extended descriptor is sent to the dynamic random access memory; the UFS controller is specifically configured to: according to the first request, from the above The above-mentioned extended descriptor is acquired in the dynamic random access memory; the above-mentioned target random number and the above-mentioned DUN are acquired according to the above-mentioned extended descriptor.
  • the UFS controller can obtain the target random number by adding the target random number to the descriptor when generating the target random number and the descriptor, that is, by extending the descriptor,
  • the expanded descriptor may carry the target random number and be stored in the dynamic random access memory.
  • the UFS controller obtains the target random number by obtaining the expanded descriptor.
  • the key is generated according to the target random number.
  • the method of obtaining the key also ensures that only the target random number will appear in the file management module (ie, software level) of the processor, and the root secret
  • the key ie, the second key
  • the key is derived from hardware logic, and will not be perceived and acquired by software, so the security factor of the key will be improved.
  • the aforementioned device further includes a dynamic random access memory coupled to the processor and the aforementioned UFS controller respectively; the aforementioned processor is further configured to: send the aforementioned target random number to the aforementioned dynamic random access memory;
  • the descriptor is expanded according to the storage address of the target random number and the data length of the target random number to obtain an expanded descriptor.
  • the expanded descriptor includes the storage address of the target random number and the data length of the target random number.
  • the aforementioned UFS controller is specifically configured to: obtain the aforementioned expanded descriptor from the aforementioned dynamic random access memory according to the aforementioned first request; and determine the aforementioned expanded descriptor The storage address of the target random number in the descriptor, and the target random number is obtained according to the storage address of the target random number; and the DUN is obtained according to the expanded descriptor.
  • the UFS controller can obtain the target random number by obtaining the storage address in the extended descriptor. After obtaining the target random number, the key is generated according to the target random number.
  • the method of obtaining the key also ensures that only the target random number will appear in the file management module (ie, software level) of the processor, and the root secret
  • the key (that is, the second key) is derived from the hardware logic and will not be perceived and acquired by the software. Therefore, the security factor of the key will be improved, and the risk of cracking the file after a criminal steals the key is greatly reduced.
  • the aforementioned device further includes a dynamic random access memory coupled with the processor and the aforementioned UFS controller respectively; the aforementioned processor is further configured to: send the aforementioned descriptor to the aforementioned dynamic random access memory;
  • the address register in the UFS controller sends the storage address of the target random number;
  • the UFS controller is specifically used to: obtain the descriptor from the dynamic random access memory according to the first request; store according to the address register in the UFS controller The storage address of the above-mentioned target random number to obtain the above-mentioned target random number.
  • the processor directly sends the target random number to the UFS controller, and the UFS controller generates the encrypted key according to the target random number.
  • This UFS controller can directly obtain the storage address of the target random number.
  • the method to obtain the target random number also ensures that only the target random number will appear in the processor (that is, at the software level), and the root key (second key) is derived from the hardware logic and will not be obtained by the software. Perception and acquisition will increase the security factor of the key used to encrypt the target file, greatly reduce the risk of cracking the file after a criminal steals the key, improve the security level, and the method of obtaining the target random number will not affect The storage efficiency of target files saves resources.
  • the above-mentioned device further includes: a random number generator coupled with the above-mentioned UFS controller, the above-mentioned random number generator is used to generate variable parameters, and the above-mentioned variable parameters are used to generate the above-mentioned second key; the above-mentioned UFS The controller is specifically configured to: generate a third key according to the target random number and the variable parameter, wherein the variable parameter includes a first variable and a second variable, and the first variable is used to identify the position of the second key.
  • the second variable is a random number with a preset fixed bit width or a number with a preset fixed bit width that identifies the file attribute of the target file, wherein the preset fixed bit width of the second variable is determined by the third key
  • the bit width of is determined;
  • the second key is generated by a derived algorithm according to the third key and the pre-stored first key.
  • the implementation of the embodiment of this application can generate a third key according to the target random number, the first variable parameter, and the second variable parameter.
  • the third key uniquely corresponds to the target file, and then it is based on the third key and the pre-stored first secret.
  • the second key generated by the key is also unique. Therefore, the encryption method of one file one key greatly improves the encryption level of the file.
  • the second key is derived from the hardware logic according to the first key, and the software cannot perceive and obtain it, which reduces the risk of file decryption after the key is stolen by criminals.
  • the target random number is a random number of file attributes
  • the bit width of the target random number includes one of the following bit widths: 128 bits, 192 bits, 256 bits, and 512 bits.
  • the implementation of the embodiment of the present application can encrypt the target file by using random numbers with different digits. It is understandable that the target random number is to encrypt the target file.
  • the encryption algorithm used in the encryption process for different digits of random numbers may be the same or different. When the digits of the random number are higher, the corresponding The encryption algorithm may be more complicated, that is, the calculation process is more cumbersome, the higher the security performance, and the more conducive to file protection.
  • the above-mentioned device further includes a memory coupled with the above-mentioned UFS controller; the above-mentioned UFS controller is used to store the above-mentioned encrypted target file in the above-mentioned memory; the above-mentioned memory is used to store the above-mentioned encrypted target file The target file.
  • the encrypted target file can be stored in a memory.
  • the memory can be a solid-state drive of a smart terminal, UFS Flash (UFS Flash), solid-state memory, etc., which can effectively save the target after the smart terminal encrypts the file. file.
  • the above-mentioned processor is further configured to: send a second request to the above-mentioned UFS controller, and the above-mentioned second request is used to request to read the above-mentioned encrypted target file; the above-mentioned UFS controller, It is also used for: obtaining the second key corresponding to the target file according to the second request, decrypting the encrypted target file according to the second key, and reading it.
  • the UFS controller when the UFS controller receives a request to read an encrypted file, it can decrypt and read the encrypted file according to the read request to obtain the unique second key used when encrypting the file.
  • the target file can only be read when there is a second key, which is conducive to the confidentiality of the target file.
  • the second key is derived from hardware logic and will not be stored in the UFS controller. Access, reducing the risk of being stolen by criminals.
  • an embodiment of the present application provides a file encryption method, including: sending a first request to a universal flash memory host UFS controller through a processor, the first request is used to request storage of a target file; The device obtains the target random number corresponding to the target file; the UFS controller generates the second key corresponding to the target file according to the target random number and the pre-stored first key; the UFS controller generates the second key corresponding to the target file according to the second secret key. The key encrypts the above target file to obtain the encrypted target file.
  • the foregoing method further includes: obtaining the foregoing target file through the foregoing UFS controller.
  • the above method further includes: obtaining, through the UFS controller, the descriptor of the first request corresponding to the target file, and the descriptor includes the data unit number DUN;
  • the second key encrypts the target file to obtain the encrypted target file, including: dividing the target file into a plurality of file data blocks by the UFS controller; from the plurality of file data blocks by the UFS controller Starting from a file data block corresponding to the DUN, the multiple file data blocks are sequentially encrypted according to the second key to obtain an encrypted target file.
  • the above method further includes: when the target file is created by the processor, generating the target random number and the descriptor of the target file.
  • the above method further includes: extending the descriptor according to the target random number by the processor to obtain an extended descriptor, and the extended descriptor includes the target random number and the DUN.
  • Sending the expanded descriptor to the dynamic random access memory through the processor; acquiring the target random number corresponding to the target file through the UFS controller includes: using the UFS controller according to the first request, from the dynamic random number The aforementioned extended descriptor is acquired in the memory; the aforementioned target random number and the aforementioned DUN are acquired according to the aforementioned expanded descriptor through the aforementioned UFS controller.
  • the above method further includes: sending the target random number to the dynamic random access memory through the processor; and using the processor to base the descriptor on the storage address of the target random number and the value of the target random number.
  • the data length is expanded to obtain an expanded descriptor.
  • the expanded descriptor includes the storage address of the target random number, the data length of the target random number, and the DUN; and the processor sends the expanded descriptor to the dynamic random access memory through the processor.
  • the above-mentioned obtaining the target random number corresponding to the above-mentioned target file through the above-mentioned UFS controller includes: obtaining the above-mentioned extended descriptor from the above-mentioned dynamic random access memory according to the above-mentioned first request through the above-mentioned UFS controller; through the above-mentioned UFS The controller determines the storage address of the target random number in the expanded descriptor, and obtains the target random number according to the storage address of the target random number; the UFS controller obtains the first request corresponding to the target file
  • the descriptor includes: obtaining the DUN according to the expanded descriptor through the UFS controller.
  • the above method further includes: sending the descriptor to the dynamic random access memory through the processor; sending the storage address of the target random number to the address register in the UFS controller through the processor; Obtaining the target random number corresponding to the target file through the UFS controller includes: acquiring the descriptor from the dynamic random access memory through the UFS controller according to the first request; and acquiring the descriptor from the dynamic random access memory through the UFS controller according to the UFS controller. The storage address of the target random number stored in the address register is used to obtain the target random number.
  • the above method further includes: generating a variable parameter by a random number generator, the variable parameter is used to generate the second key; the UFS controller according to the target random number and pre-stored
  • the first key to generate the second key corresponding to the target file includes: generating a third key according to the target random number and the variable parameter by the UFS controller, wherein the variable parameter includes a first variable and a second variable , The first variable is used to identify the bit width of the second key, the second variable is a random number with a preset fixed bit width or a number with a preset fixed bit width that identifies the file attribute of the target file, wherein the first The preset fixed bit width of the two variables is determined by the bit width of the third key; the UFS controller generates the second key through a derived algorithm according to the third key and the pre-stored first key.
  • the target random number is a random number of file attributes
  • the bit width of the target random number includes one of the following bit widths: 128 bits, 192 bits, 256 bits, and 512 bits.
  • the above method further includes: storing the encrypted target file in a memory through the UFS controller; and storing the encrypted target file in the memory.
  • the above method further includes: sending a second request to the UFS controller through the processor, the second request being used to request to read the encrypted target file; and controlling through the UFS According to the second request, the device obtains the second key corresponding to the target file, decrypts the encrypted target file according to the second key, and reads it.
  • an embodiment of the present application provides a file encryption device, including: a first sending unit, configured to send a first request to a universal flash memory host UFS controller through a processor, and the first request is used to request a target file
  • the first acquisition unit is used to obtain the target random number corresponding to the target file through the UFS controller;
  • the key unit is used to generate the target random number and the pre-stored first key through the UFS controller
  • the second key corresponding to the target file; an encryption unit for encrypting the target file according to the second key by the UFS controller to obtain an encrypted target file.
  • the above-mentioned apparatus further includes: a second obtaining unit, configured to obtain the above-mentioned target file through the above-mentioned UFS controller.
  • the above-mentioned apparatus further includes: a third obtaining unit, configured to obtain, through the above-mentioned UFS controller, the descriptor of the above-mentioned first request corresponding to the above-mentioned target file, and the above-mentioned descriptor includes the data unit number DUN;
  • the encryption unit is specifically configured to: divide the target file into multiple file data blocks through the UFS controller; start from a file data block corresponding to the DUN among the multiple file data blocks through the UFS controller, and in turn according to the above The second key encrypts the multiple file data blocks to obtain the encrypted target file.
  • the above-mentioned apparatus further includes: a first generating unit, configured to generate the above-mentioned target random number and the above-mentioned descriptor of the above-mentioned target file when the above-mentioned processor is used to create the above-mentioned target file.
  • a first generating unit configured to generate the above-mentioned target random number and the above-mentioned descriptor of the above-mentioned target file when the above-mentioned processor is used to create the above-mentioned target file.
  • the above-mentioned apparatus further includes: a first extension unit, configured to extend the above-mentioned descriptor according to the above-mentioned target random number by the above-mentioned processor to obtain an extended descriptor, and the above-mentioned extended descriptor includes The above-mentioned target random number and the above-mentioned DUN; a second sending unit, configured to send the above-mentioned extended descriptor to a dynamic random access memory through the above-mentioned processor; and the above-mentioned first acquiring unit, specifically configured to: according to the above-mentioned first The request is to obtain the expanded descriptor from the dynamic random access memory; the UFS controller obtains the target random number and the DUN according to the expanded descriptor.
  • a first extension unit configured to extend the above-mentioned descriptor according to the above-mentioned target random number by the above-mentioned processor to obtain an extended descriptor
  • the above-mentioned apparatus further includes: a third sending unit, configured to send the above-mentioned target random number to the dynamic random access memory through the above-mentioned processor; and a second extension unit, configured to send the above-mentioned descriptor through the above-mentioned processor According to the storage address of the target random number and the data length extension of the target random number, an expanded descriptor is obtained.
  • the expanded descriptor includes the storage address of the target random number, the data length of the target random number, and the DUN
  • the third sending unit is configured to send the expanded descriptor to the dynamic random access memory through the above-mentioned processor; the above-mentioned first acquiring unit is specifically configured to: according to the above-mentioned first request through the above-mentioned UFS controller, from the above-mentioned dynamic random access
  • the expanded descriptor is acquired in the memory; the storage address of the target random number in the expanded descriptor is determined by the UFS controller, and the target random number is acquired according to the storage address of the target random number;
  • the third The obtaining unit is specifically configured to obtain the DUN according to the expanded descriptor through the UFS controller.
  • the above-mentioned device further includes: a fourth sending unit, configured to send the above-mentioned descriptor to the dynamic random access memory through the above-mentioned processor; and send the above-mentioned target to the address register in the UFS controller through the above-mentioned processor.
  • the storage address of the random number; the first obtaining unit is specifically configured to: obtain the descriptor from the dynamic random access memory through the UFS controller according to the first request; use the UFS controller according to the address in the UFS controller The storage address of the target random number stored in the register is used to obtain the target random number.
  • the above-mentioned device further includes: a second generation unit, configured to generate a variable parameter through a random number generator, the above-mentioned variable parameter is used to generate the above-mentioned second key; the above-mentioned key unit is specifically used to:
  • the UFS controller generates a third key according to the target random number and the variable parameter, wherein the variable parameter includes a first variable and a second variable, and the first variable is used to identify the bit width of the second key,
  • the second variable is a random number with a preset fixed bit width or a number that identifies the file attribute of the target file.
  • the preset fixed bit width of the second variable is determined by the bit width of the third key. Wide determination; the UFS controller generates the second key through a derived algorithm according to the third key and the pre-stored first key.
  • the target random number is a random number of file attributes
  • the bit width of the target random number includes one of the following bit widths: 128 bits, 192 bits, 256 bits, and 512 bits.
  • the above-mentioned device further includes: a first storage unit, configured to store the encrypted target file in a memory through the above UFS controller; and a second storage unit, configured to store the above-mentioned encrypted target file through the above-mentioned memory. After the target file.
  • the foregoing apparatus further includes: a fifth sending unit, configured to send a second request to the UFS controller through the foregoing processor, and the foregoing second request is used to request to perform the encryption on the encrypted target file. Read; a decryption unit for obtaining the second key corresponding to the target file according to the second request through the UFS controller, and decrypting the encrypted target file according to the second key before reading.
  • the embodiments of the present application provide a chip system that includes any device for supporting file encryption involved in the first aspect mentioned above.
  • the chip system may be composed of a chip, or may include a chip and Other discrete devices.
  • an embodiment of the present application provides a computer storage medium for storing computer software instructions used for the file encryption device provided in the first aspect, which includes a program for executing the program designed in the first aspect. .
  • the embodiments of the present application provide a computer program, the computer program includes instructions, when the computer program is executed by a computer, the computer can execute the process executed by the file encryption apparatus in the first aspect.
  • FIG. 1A is a schematic diagram of an application scenario when an audio recording file is encrypted and saved according to an embodiment of the present application.
  • Fig. 1B is a schematic diagram of an application scenario for saving downloaded files provided by an embodiment of the present application.
  • FIG. 1C is a schematic diagram of a file encryption architecture based on a UFS controller provided by an embodiment of the present application.
  • FIG. 1D is a schematic diagram of another file encryption architecture based on a UFS controller provided by an embodiment of the present application.
  • Figure 2 is a schematic diagram of a file encryption device provided by an embodiment of the present application.
  • Fig. 3 is a schematic flowchart of a file encryption method provided by an embodiment of the present application.
  • Fig. 4 is a schematic structural diagram of a transmission request descriptor UTRD provided by an embodiment of the present application.
  • FIG. 5 is a schematic structural diagram of an extended descriptor UTRD provided by an embodiment of the present application.
  • Fig. 6 is a schematic diagram of a file encryption algorithm framework applied in a UFS controller provided by an embodiment of the present application.
  • Fig. 7 is a schematic structural diagram of another file encryption device provided by an embodiment of the present application.
  • FIG. 8 is a schematic structural diagram of another file encryption device provided by an embodiment of the present application.
  • component used in this specification are used to denote computer-related entities, hardware, firmware, a combination of hardware and software, software, or software in execution.
  • the component may be, but is not limited to, a process, a processor, an object, an executable file, an execution thread, a program, and/or a computer running on a processor.
  • the application running on the computing device and the computing device can be components.
  • One or more components may reside in processes and/or threads of execution, and components may be located on one computer and/or distributed among two or more computers.
  • these components can be executed from various computer readable media having various data structures stored thereon.
  • the component may be based on, for example, data having one or more data packets (for example, data from two components interacting with another component in a local system, a distributed system, and/or a network, for example, the Internet that interacts with other systems through signals) Signals are communicated through local and/or remote processes.
  • data packets for example, data from two components interacting with another component in a local system, a distributed system, and/or a network, for example, the Internet that interacts with other systems through signals
  • Signals are communicated through local and/or remote processes.
  • UFS Universal Flash Storage
  • UFS Flash is one of the mainstream storage media in the mobile phone system, which can be the storage medium of the mobile phone chip system.
  • the exchange of data between the mobile phone SOC chip and UFS Flash is based on the mipi ufs protocol.
  • SSD Solid State Drive
  • flash chip flash memory
  • DRAM dynamic random access memory
  • AES Advanced Encryption Standard
  • the AES encryption process operates on a 4 ⁇ 4 byte matrix, this matrix is also called “state”, and its initial value is a plaintext block (The size of an element in the matrix is one Byte in the plaintext block).
  • the Rijndael encryption method supports larger blocks, and the number of matrix rows can be increased according to the situation.
  • each round of AES encryption cycle includes 4 steps, namely AddRoundKey, SubBytes, ShiftRows, And MixColumns.
  • KDF Key Derivation Functions
  • the function of the key derivation function is to derive key data from a shared secret bit string.
  • the key derivation function acts on the shared secret bit string obtained by the key exchange to generate the required session key or further encrypt the required key data.
  • CPU Central Processing Unit
  • the CPU includes arithmetic logic components, register components, and control components, and has functions such as processing instructions, executing operations, controlling time, and processing data.
  • Trusted execution environment which is an area on the processor CPU. The function of this area is to provide a safer space for data and code execution, and to ensure their confidentiality and integrity.
  • Register is a very important storage unit in integrated circuits, usually composed of flip-flops.
  • the register is an integral part of the central processing unit. Registers are high-speed storage components with limited storage capacity. They can be used to temporarily store instructions, data, and addresses.
  • the registers included are the instruction register (IR) and the program counter (PC).
  • the register In the arithmetic and logic components of the central processing unit, the register has an accumulator (ACC).
  • a physical block is the smallest storage and processing unit in the database, and contains the header data or PL/SQL code of the block itself.
  • the size of the block can be specified by selecting "Custom Installation" during installation.
  • the size of the block is generally between hundreds of KB to several MB.
  • Each block includes multiple pages, and the size of the page is generally 4KB Multiples of (such as 4KB or 16KB).
  • Double-rate synchronous dynamic random access memory Double Data Rate, DDR
  • DDR Double-rate synchronous dynamic random access memory
  • DLL Delay Locked Loop, extended Time-locked loop provides a data filtering signal
  • the storage controller can use this data filtering signal to accurately locate the data, output once every 16 times, and resynchronize the data from different memory modules.
  • DRAM Dynamic Random Access Memory
  • DRAM uses the amount of charge stored in a capacitor to represent 0 and 1. This is a binary bit (bit), the smallest unit of memory. That is, DRAM is the most common system memory. DRAM can only hold data for a short time. In order to retain data, DRAM uses capacitor storage, so it must be refreshed every certain period of time. If the memory cell is not refreshed, the stored information will be lost.
  • Scenario 1 When using the smart terminal, the user can encrypt and save the generated related files.
  • FIG. 1A is a schematic diagram of an application scenario when an encrypted recording file is saved according to an embodiment of the present application. As shown in Fig.
  • the smart terminal when the user finishes using the recording function of the mobile phone, the smart terminal can encrypt the recorded audio file through the SOC chip, and then store it in the memory. Therefore, when the user uses the smart terminal, the related data generated by the user can be encrypted and stored to ensure that the user's privacy is not leaked.
  • Scenario 2 The user connects to the Internet through a smart terminal, and after downloading the relevant data file, the data file can be encrypted and saved.
  • Figure 1B is a schematic diagram of an application scenario for saving downloaded files provided by an embodiment of the present application.
  • Figure 1B after a user downloads a file online, he can control the encryption through the file control module and the UFS controller, and store it in the memory.
  • the encrypted file greatly reduces the risk of the encrypted file being stolen. Therefore, when a user uses a smart terminal to download or receive a file sent by another smart terminal, the file is encrypted and stored, which can greatly avoid important information or privacy information leakage opportunities.
  • Figure 1C is a schematic diagram of a file encryption architecture based on a UFS controller provided by an embodiment of the present application.
  • the architecture shown in Figure 1C is mainly based on an SOC chip and is described from the perspective of file encryption storage.
  • the file encryption method based on the UFS controller proposed in this application can be applied to the system architecture.
  • the system architecture includes a processor 101 and a universal flash storage host controller (Universal Flash Storage Host Controller, UFSHC) coupled with the processor 101, that is, the UFS controller 102, and may also include: and the UFS controller 102 coupled memory 103, Double Data Rate DRAM controller (DDRC) 104, where, if the encryption architecture is applied to smart terminals (such as mobile phones, tablet computers, etc.), UFS controller 102 is equivalent
  • UFS controller 102 is equivalent
  • SSD solid state disk
  • FIG. 1D is a schematic diagram of another file encryption architecture based on a UFS controller provided in an embodiment of the present application.
  • the file encryption architecture based on the UFS controller may further include a random number generator 105 coupled with the UFS controller 102.
  • the UFS controller 102 can be independent of The processing device of the processor 101 is connected to the processor 101 and the memory 103 to perform operations such as file storage, file reading, and file encryption; and the double-rate dynamic random storage controller 103 can also be an independent storage device for Control the dynamic random access memory storage processor 101 to generate the target random number and descriptor of the target file, etc., which will not be repeated here.
  • the processor 101 when it creates a file, it can synchronously generate a target random number and a descriptor of the file, where the target random number (Meta Data) is randomly generated and has a random number with file attributes; the descriptor In this application, it can be understood as a UFS Transfer Request Descriptor (UTP Transfer Request Descriptor, UTRD).
  • the processor is further configured to send a first request to the UFS controller, where the first request is used to request storage or encrypted storage of the target file.
  • the UFS controller 102 After the UFS controller 102 receives the first request from the processor 101 for the target file, it can obtain the target random number of the target file corresponding to the first request according to the first request; and then according to the target random number and the pre-stored target random number.
  • the first key generates the second key corresponding to the target file; then the target file is encrypted by the second key to obtain the encrypted target file; the encrypted target file is stored in the Memory.
  • the random number generator 105 coupled with the UFS controller 102 can generate variable parameters, and the variable parameters are used to generate a second key for file encryption. After using the second key to encrypt, the variable parameter, the target random number and the encrypted file can be stored in the memory 103 together. So that when the file is read, the second secret key is determined according to the variable parameter corresponding to the target file and the target random number, and then the same second secret key is used to decrypt and read the encrypted file.
  • the random number generator 104 may be a true random number generator.
  • memory and dynamic random access memory are two different types of memory.
  • the memory is used to store encrypted files. It is a memory that stores data for a long time, that is, the encrypted files stored in the smart terminal/system after the power is off. Will be lost, such as: the mobile phone memory in the mobile phone; and the dynamic random access memory is used to temporarily store the target file before encryption, used to store random numbers, descriptors, etc., and is the memory for storing data for a short time, that is, the smart terminal/system interrupt Temporary files, stored random numbers, descriptors, etc. stored in it will be lost after power-up, such as the running memory in the mobile phone.
  • the processor 101, the UFS controller 102, and the double-rate dynamic random memory controller 104 may be integrated in one chip, or they may be integrated in different chips.
  • the embodiment of this application does not make specific details about this limited.
  • file encryption system architecture shown in FIG. 1C and FIG. 1D are only some exemplary implementations in the embodiments of the present application.
  • the file encryption system architecture in the embodiments of the present application includes but is not limited to the above file encryption system Architecture.
  • an embodiment of the present application also provides a diagram of a file encryption device applied to a smart phone terminal, which can be applied to the system architecture shown in FIG. 1D, please refer to FIG. 2, FIG. 2. It is a schematic diagram of a file encryption device provided by an embodiment of the present application. As shown in FIG.
  • the file encryption device 10 in the embodiment of the present application may include a processor 101, a UFS controller 102 coupled with the processor 101, a memory 103 coupled with the UFS controller 102, and the UFS A dynamic random access memory DRAM 113 coupled to the controller 102 and a double-rate dynamic random access memory controller 104 (DDRC), and a random number generator 105 coupled to the UFS controller 102.
  • the built-in logic module of the processor 101 may include: a trusted execution environment (Trust Execute Environment, TEE) 211, a file management module 212, and so on.
  • the built-in logic module of the UFS controller 102 may include: a key store (Key Store) 221, etc., the key store 221 is equivalent to the internal memory of the UFS controller, wherein the key store 221 may also include a storage target random The address register that stores the address of the number.
  • the built-in logic module of the dynamic random access memory DRAM 113 may include a first storage module 231 and a second storage module 232. among them,
  • the TEE211 in the processor can be used to configure the first key in the file encryption process. For example, after the system of the smart terminal to which the file encryption device belongs is powered on or when the UFS controller is initialized, the trusted execution environment TEE configures the first key (Class Key) in the Key Store of the UFS controller. In general, there are only 32 sets of ClassKeys in the UFS controller. Therefore, one of the most efficient solutions can be to configure 32 sets of ClassKeys to the KeyStore of the UFS controller by the TEE at one time when the UFS controller is initialized.
  • the file management module 212 in the processor can create a target file for storage or reading, etc., and can also synchronously generate the target random number of the file and the transmission request descriptor UTRD when creating the target file for encrypted storage of the file And decrypted read.
  • the Key Store 221 in the UFS controller 102 is equivalent to the memory/register inside the UFS controller for storing the first key issued by the TEE in the processor.
  • the memory may also include an address register, which is used to store the storage address of the target random number, so that the UFS controller can directly obtain the target random number according to the storage address stored in the register. So that the target file is encrypted.
  • the first storage module 231 in the dynamic random access memory 113 may be used to store the target random number.
  • the second storage module 232 in the dynamic random access memory 113 may be used to store the transmission request descriptor UTRD. It can be understood that the first storage module 231 and the second storage module 232 may be different storage areas in the same dynamic random access memory, or may be two different dynamic random access memories, which are not specifically limited for comparison in the embodiments of the present application.
  • the random number generator 105 can generate variable parameters, the variable parameters including a first variable and a second variable, the first variable is used to identify the bit width of the second key, and the second variable is a preset A random number with a fixed bit width or a number with a preset fixed bit width identifying the file attribute of the target file, wherein the preset fixed bit width of the second variable is determined by the bit width of the third key;
  • the second key is generated through a derived algorithm according to the third key and the pre-stored first key.
  • the random number generator 105 may be a true random number generator.
  • the structure of the file encryption device shown in FIG. 2 is only a partial exemplary implementation in the embodiments of the present application, and the structure of the file encryption device in the embodiments of the present application includes but is not limited to the above file encryption device structure.
  • FIG. 3 is a schematic flowchart of a file encryption method provided by an embodiment of the present application.
  • the method can be applied to the file encryption system architecture shown in FIG. 1C and FIG. 1D and the file encryption device shown in FIG. 2 Among them, the file encryption device 10 shown in FIG. 2 can be used to support and execute steps S301 to S306 of the method flow shown in FIG. 3.
  • Step S301 Send a first request to the universal flash memory host UFS controller through the processor.
  • the processor sends a first request to the universal flash memory host UFS controller, where the first request is used to request storage of the target file.
  • the file management module in the processor may send a first request for storing the target file to the UFS controller.
  • the first request may be a UFS Transport Request (UFS Transport) in this application. Protocol Transfer Request), that is, UTP Transfer Request.
  • the first request may also be used to request encrypted storage of the target file.
  • the target file is obtained through the UFS controller. It is understandable that after receiving the first request, the UFS controller can obtain the target file identified or carried in the first request to encrypt it.
  • the way the UFS controller obtains the file may include: the UFS controller receives the target file sent by the file management module in the processor, for example: the file management module directly sends the target file to the UFS controller after creating the target file Or, the UFS controller then obtains the target file from the dynamic random access memory (ie, temporary memory) according to the first request sent by the file management module in the processor, where the dynamic random access memory can be used for temporary storage in the processor
  • the target file created by the file management module of the file management module for example: after the file management module creates the target file, it stores the target file in the dynamic random access memory, and sends the storage address to the UFS controller together with the first request.
  • the UFS The controller obtains the target file according to the storage address.
  • the target random number and the descriptor of the target file are generated.
  • the file management module in the processor creates the target file, and can generate the target random number (Meta Data) and the transmission request descriptor UTRD of the target file.
  • the target random number can uniquely correspond to the target file, and is an identifier for the uniqueness of the file. It is understandable that the random numbers corresponding to the files are different between different files. Therefore, use and When the target file is encrypted with the unique random number corresponding to the target file, the encryption level of the target file can be better improved to ensure the information security of the target file.
  • Descriptors can be used to provide a data unit number (DUN) when the target file is encrypted in this embodiment of the application. It should also be noted that there are multiple descriptors corresponding to the file (for example, description for reading). Symbol), different commands or requests correspond to different descriptors, that is, different types of descriptors correspond to different functions.
  • the descriptor mentioned in this application can be understood as the UFS Transfer Request Descriptor (UTRD).
  • UTRD UFS Transfer Request Descriptor
  • the target random number and the descriptor of the target file are generated, which can ensure that the corresponding random numbers and descriptors of different files are different, which ensures that the file is encrypted.
  • the encryption level increases the difficulty of cracking the encrypted target file by criminals.
  • the target random number is a random number of a file attribute
  • the bit width of the target random number includes one of the following bit widths: 128 bits, 192 bits, 256 bits, and 512 bits.
  • the bit width of the target random number can be 128bit, 192bit, 256bit, or 512bit.
  • bit widths of other values are also applicable to file encryption in this embodiment of the application.
  • the target random number is to encrypt the target file.
  • the encryption algorithm used in the encryption process for different digits of random numbers may be the same or different. When the digits of the random number are higher, the corresponding encryption The algorithm may be more complicated, that is, the calculation process is more cumbersome, the higher the security performance, and the more conducive to file protection.
  • Step S302 Obtain the target random number corresponding to the target file through the UFS controller.
  • the target random number (Meta Data) corresponding to the target file is obtained through the UFS controller.
  • the target random number can be used in the encryption process together with the initial key to generate the file key used to encrypt the target file (that is, the second key in this application), because the target file only Uniquely corresponds to a target random number, so the file key determined according to the target random number can ensure the uniqueness of the file key. Therefore, the UFS controller needs to obtain the target random number first before encrypting the file.
  • Step S303 Obtain the first request descriptor corresponding to the target file through the UFS controller.
  • the descriptor of the first request corresponding to the target file is obtained through the UFS controller, and the descriptor includes a data unit number DUN.
  • FIG. 4 is a schematic structural diagram of a transmission request descriptor UTRD provided by an embodiment of the present application.
  • the UFS controller needs to determine the initial encryption object of the target file according to the DUN value in the transmission request descriptor UTRD (for example: lines DW1 and DW3 shown in Figure 4), and
  • the target descriptor also includes the storage address of the storage command, etc. (as shown in rows DW4 and DW5 in FIG. 4).
  • the storage command can be used by the UFS controller to control the target file to perform an encrypted storage operation according to the storage command.
  • the embodiment of the present application does not specifically limit the sequence of performing step S302 and step S303.
  • the embodiment of the application may first obtain the target random number corresponding to the target file and then obtain the descriptor, or first obtain the descriptor and then obtain the target random number corresponding to the target file, or the target random number corresponding to the target file and the descriptor simultaneously Obtain.
  • the processor sends the extended descriptor to the dynamic random access memory.
  • the obtaining the target random number corresponding to the target file by the UFS controller includes: obtaining the extended descriptor from the dynamic random access memory by the UFS controller according to the first request;
  • the UFS controller obtains the target random number and the DUN according to the expanded descriptor. It is understandable that if the UFS controller wants to encrypt the target file with the target random number, it must first obtain the target random number, and the target random number is generated by the file management module in the processor and the descriptor together.
  • the UFS controller can obtain the target random number by obtaining the extended descriptor, that is, one of the ways that the UFS controller obtains the target random number based on the JESD223D protocol.
  • FIG. 5 is a schematic structural diagram of an extended descriptor UTRD provided by an embodiment of the present application.
  • the 128-bit target random number is in the DW8-DW11 row area of the extended descriptor UTRD. It should be noted that when the number of bits of the target random number increases, the extended descriptor UTRD The number of rows also increases.
  • the file management module in the processor when the file management module in the processor generates the target random number and the descriptor, it adds the target random number to the descriptor UTRD, that is, the extended descriptor can be made
  • the UTRD can carry the target random number and be stored in the dynamic random access memory, and then the UFS controller can obtain the target random number by obtaining the extended descriptor, and then generate the key according to the target random number after obtaining the target random number.
  • the method of obtaining the key ensures that only the target random number will appear in the file management module (ie, the software level) of the processor, and the root key (ie, the second key) is derived from the hardware logic, not It will be perceived and/or acquired by the software, so the security factor of the key will be improved.
  • the expanded descriptor; the obtaining the target random number corresponding to the target file by the UFS controller includes: obtaining, by the UFS controller, from the dynamic random access memory according to the first request.
  • the file management module in the processor After the file management module in the processor generates the target random number and stores the target random number in the dynamic random access memory, it can add the storage address of the target random number and the data length of the target random number to the descriptor UTRD That is, the extended descriptor UTRD can carry the storage address and data length of the target random number by extending the descriptor, and the UFS controller can obtain the target random number through the storage address and data length. , And the extended descriptor can also get the DUN value.
  • the extension method can be to add two lines DW8 and DW9 to the descriptor shown in Figure 4, where line DW8 can be added in the form of line DW4, line DW8 includes the storage address of the target random number, line DW9 can be The DW5 line is added, and the DW9 line includes the data length of the target random number. Therefore, based on the JESD223D protocol, the UFS controller can obtain the target random number by obtaining the storage address in the extended descriptor. After obtaining the target random number, the key is generated according to the target random number.
  • the method of obtaining the key also ensures that only the target random number will appear in the file management module (ie, software level) of the processor, and the root secret
  • the key ie, the second key
  • the second key is derived from the hardware logic according to the first key, and will not be perceived and obtained by the software. Therefore, the security factor of the key will be improved and the criminals will be greatly reduced. The risk of cracking the file after stealing the key.
  • the descriptor is sent to a dynamic random access memory through the processor; the storage address of the target random number is sent to the address register in the UFS controller through the processor; and the UFS is sent through the UFS
  • the controller acquiring the target random number corresponding to the target file includes: acquiring the descriptor from the dynamic random access memory through the UFS controller according to the first request; and acquiring the descriptor through the UFS controller according to the The storage address of the target random number stored in the address register in the UFS controller is used to obtain the target random number. It is understandable that if the UFS controller wants to encrypt the target file with the target random number, it must first obtain the target random number, and the target random number is generated by the file management module in the processor and the descriptor together.
  • the UFS controller can also receive the storage address of the target random number directly sent by the file management module to the address register of the key bank, according to the storage address Get the target random number. That is, you can control the UFS controller to add the address register of Meta Data (target random number) to the Register Space (key library) in the case of IO Memory/Register Space based on the extended protocol.
  • the implementation method can refer to this protocol.
  • the UTRLBA/UTRLBAU registers part in. It is also understandable that the target random number is sent to a dynamic random access memory for storage through the processor.
  • the UFS controller when the UFS controller receives a UTP Transfer Request (first request), it reads the storage address of Meta Data through the Address register, and then obtains Meta Data according to the storage address. At the same time, the UFS controller can also read the descriptor UTRD from the Memory Space through the UTRLBA/UTRLBAU registers when receiving a UTP Transfer Request (first request).
  • This file management module directly sends the target random number to the UFS controller, and the UFS controller generates an encrypted key according to the target random number. This method also ensures that only the target random number will appear in the file management module of the processor ( That is, in the software level), the first key only exists in the trusted execution environment TEE and UFS controller, so that the security factor of the key is improved.
  • the embodiment of this application can obtain the target random number through at least three acquisition methods, and then generate the key according to the acquired target random number, which ensures that the key only exists in the hardware and does not appear in the software.
  • the software level only the target random number is stored, which greatly reduces the risk of key leakage and improves the encryption level of the target file.
  • this method of obtaining the target random number will not affect the storage efficiency of the target file, saving Resources.
  • Step S304 The UFS controller generates a second key corresponding to the target file according to the target random number and the pre-stored first key.
  • the UFS controller generates a second key corresponding to the target file according to the target random number and a pre-stored first key, where the first key is the initial key of the hardware configuration, and the first key is the initial key of the hardware configuration.
  • the second key is the key used to encrypt the target file.
  • the file key used to encrypt the target file is generated through the combination of the random number and the initial key, which can guarantee one file and one key, which improves the security of the encrypted target file coefficient.
  • the pre-stored first key Class Key ie, the initial key
  • the pre-stored first key Class Key is configured to UFS once by the trusted execution environment TEE in the processor after the system is powered on or when the UFS controller is initialized.
  • the embodiment of this application avoids the frequent interaction between the trusted execution environment TEE and the UFS controller, and generates the first key for file encryption through the target random number and the first key.
  • Two keys, one document and one secret, the possibility of being compromised is almost zero, which improves the security factor of the file key, greatly reduces the possibility of being compromised, and also improves the efficiency of use.
  • the hardware in the embodiment of this application can achieve security authentication (Protection Profile for Mobile Device, MDPP) 3.0 key system.
  • a random number generator may be used to generate variable parameters, and the variable parameters are used to generate the second key; the UFS controller randomly generates the second key according to the target. Generating a second key corresponding to the target file by using the UFS controller according to the target random number and the variable parameter, wherein the UFS controller generates a third key according to the target random number and the variable parameter.
  • Variable parameters include a first variable and a second variable. The first variable is used to identify the bit width of the second key, and the second variable is a random number with a preset fixed bit width or identifies the target file.
  • the third key is generated according to the target random number, the first variable parameter, and the second variable parameter, and the third key uniquely corresponds to the target file. Furthermore, it is based on the third key and the pre-stored first secret. The second key generated by the key is also unique. Therefore, the one-file-one-key encryption method greatly improves the encryption level of the file and reduces the risk of the file being stolen.
  • FIG. 6 is a schematic diagram of a file encryption algorithm framework applied in a UFS controller provided by an embodiment of the present application.
  • the third key FixData can be generated according to the target random number, the first variable L, and the second variable label through the root key module fixdataGEN.
  • Fix data Gen has three input variables, Mata Data, label, and L, and outputs a third key Fix Data with a fixed bit width.
  • the L variable is a value representing the fixed bit width of the third key
  • the Label variable can be randomly generated by the hardware random number generator trng to represent the attributes of the target file, or it can be a fixed bit width value.
  • the third key can be obtained by directly concatenating the three variables of Mata Data, label, and L.
  • the specific algorithm for generating the third key Fix Data can also be found in the NIST Special Publication 800-108 protocol, which will not be repeated here in this application.
  • the UFS controller also needs to generate a second key for file encryption through a derivative algorithm based on the third key and the pre-stored first key. key.
  • the second key is derived from hardware logic and cannot be sensed and obtained by software, which reduces the risk of being stolen by criminals.
  • the derived algorithm KDF
  • KDF Key Derivation Functions
  • the KDF may include one of the following algorithms: CMAC algorithm, HMAC algorithm, and so on.
  • the second key FEK can be generated by the key derivation module NIST-KDF according to the third key FixData and the first key ClassKey, and the derivation algorithm used is a 256-bit CMAC algorithm.
  • the bit width of the second key FEK is determined by the third key Fix Data and the first key Class Key.
  • the specific algorithm for generating the second key FEK can also be found in the NIST Special Publication 800-108 protocol, which will not be repeated here in this application.
  • Step S305 The UFS controller encrypts the target file according to the second key to obtain the encrypted target file.
  • the UFS controller encrypts the target file according to the second key to obtain the encrypted target file.
  • the target file can be encrypted by an encryption algorithm according to the second key and then saved, where the encryption algorithm can be a symmetric encryption algorithm, for example:
  • the encryption algorithm may include at least one of the following methods: Advanced Encryption Standard (AES), Data Encryption Standard Lightweight Extension (DESL), International Data Encryption Algorithm (IDEA), and so on.
  • the encrypting the target file by the UFS controller according to the second key to obtain the encrypted target file includes: dividing the target file into multiple files by the UFS controller File data blocks; the UFS controller starts from a file data block corresponding to the DUN in the plurality of file data blocks, and sequentially encrypts the plurality of file data blocks according to the second key to Obtain the encrypted target file.
  • the embodiment of the present application can divide the target file into multiple sets of file data blocks, and then use the block encryption algorithm in the advanced encryption standard to encrypt the target file.
  • the block encryption algorithm block length can be 128 bits, and the block encryption algorithm can be 128 bits long.
  • the key length can be 128-bit, 192-bit or 256-bit encryption algorithm, which can greatly improve the efficiency of file encryption and storage, and also improve the encryption level of file encryption.
  • the size of the packet file block may be 128 bits, 256 bits, etc., which is not limited in the embodiment of the present application.
  • plaintext[j] in Figure 6 is the data plaintext of the j-th block, with a size of 128bit; i in Figure 6 is an adjustment parameter.
  • the first The adjustment parameters of the block are initialized with the DUN value in the UTRD, and the adjustment parameters of the subsequent block will be compensated and adjusted according to the DUN value in the first UTRD;
  • a[j] is the calculation component related to the block[j];
  • Cipher Text[j ] Is the ciphertext obtained after plaintext encryption of the j-th block data;
  • AES-ENC AES128 block encryption algorithm
  • AES-DEC AES128 block decryption algorithm
  • the UFS controller After the UFS controller obtains the file data of a predetermined length (such as 128bit) from the DRAM (that is, plaintext[j] in Figure 6), it uses FEK as the file key and the input parameters such as i, which are encrypted and stored in the memory. , And finally notify the file management module in the processor that the storage is complete.
  • a predetermined length such as 128bit
  • Step S306 Store the encrypted target file in the memory.
  • the encrypted target file is stored in a memory
  • the encrypted target file is stored in the memory
  • the file management module in the processor is notified that the storage is completed.
  • the memory may be a solid-state hard drive of the smart terminal, UFS Flash (UFS Flash), solid-state memory, etc., which can effectively save the target file after the smart terminal encrypts the file.
  • a second request is sent to the UFS controller through the processor, and the second request is used to request to read the encrypted target file;
  • the second request is to obtain the second key corresponding to the target file, decrypt the encrypted target file according to the second key, and read it.
  • the UFS controller receives a request to read the encrypted file, it can read and decrypt the encrypted file according to the second secret key derived from the read request.
  • the target file can only be read when there is a second key, which is conducive to the confidentiality of the target file.
  • the second key is derived from the hardware logic, and the software cannot perceive and obtain it, reducing the stolen by criminals. risk.
  • ufshc reads data of a predetermined length from the specified address in the ufs device (consistent with the predetermined length of the file obtained during encryption), use FEK as the file key and input parameters such as i, and store it to the specified address of DRAM after decryption Finally, the file management module in the processor is notified that the reading is complete.
  • the UFS controller can obtain the random number corresponding to the target file through the first request sent by the processor; then generate the second key after encrypting it according to the random number and the pre-stored first key, and finally according to The second key encrypts the target file.
  • first key when encrypting different files, on the basis of the same initial key (first key), different file keys (second key) can be generated through different random numbers corresponding to different files, and finally according to different Different file keys corresponding to the files respectively encrypt different files, and each file has a unique file key corresponding to it.
  • the key is derived from the hardware logic and will not be perceived and acquired by the software. Therefore, the security factor of the key will be greatly improved, and the possibility of being compromised is almost zero. It also improves the target file’s security. Encryption level. Finally, the chip implementation can ensure the functional isolation of the TEE and the file management module, the best security performance, and the file storage efficiency will not be affected.
  • the file encryption device 20 may include a first sending unit 701, a first obtaining unit 702, a key unit 703, and an encryption unit. 704, it may also include a second acquisition unit 705, a third acquisition unit 706, a first generation unit 707, a first extension unit 708, a second sending unit 709, a third sending unit 710, a second extension unit 711, and a third sending unit.
  • each unit is as follows.
  • the first sending unit 701 is configured to send a first request to the universal flash memory host UFS controller through the processor, where the first request is used to request storage of a target file;
  • the first obtaining unit 702 is configured to obtain the target random number corresponding to the target file through the UFS controller;
  • a key unit 703, configured to generate a second key corresponding to the target file according to the target random number and a pre-stored first key through the UFS controller;
  • the encryption unit 704 is configured to encrypt the target file according to the second key through the UFS controller to obtain an encrypted target file.
  • the device further includes: a second obtaining unit 705, configured to obtain the target file through the UFS controller.
  • the device further includes: a third obtaining unit 706, configured to obtain, through the UFS controller, the descriptor of the first request corresponding to the target file, the descriptor including Data unit number DUN; the encryption unit 704 is specifically configured to: divide the target file into a plurality of file data blocks by the UFS controller; obtain data from the plurality of file data blocks by the UFS controller Starting from a file data block corresponding to the DUN, the multiple file data blocks are sequentially encrypted according to the second key to obtain the encrypted target file.
  • a third obtaining unit 706, configured to obtain, through the UFS controller, the descriptor of the first request corresponding to the target file, the descriptor including Data unit number DUN
  • the encryption unit 704 is specifically configured to: divide the target file into a plurality of file data blocks by the UFS controller; obtain data from the plurality of file data blocks by the UFS controller Starting from a file data block corresponding to the DUN, the multiple file data blocks are sequentially encrypted according to the second key to obtain the encrypted target file.
  • the device further includes: a first generating unit 707, configured to generate the target random number and the target random number of the target file and the target file when the target file is created by the processor. Descriptor.
  • the apparatus further includes: a first extension unit 708, configured to extend the descriptor according to the target random number by the processor to obtain an extended descriptor, and The extended descriptor includes the target random number and the DUN; the second sending unit 709 is configured to send the extended descriptor to the dynamic random access memory through the processor; the first acquiring unit 702, Specifically, the UFS controller is used to obtain the extended descriptor from the dynamic random access memory according to the first request; and the UFS controller obtains the extended descriptor according to the extended descriptor. The target random number and the DUN.
  • the apparatus further includes: a third sending unit 710, configured to send the target random number to a dynamic random access memory through the processor; and a second extension unit 711, configured to communicate through the The processor expands the descriptor according to the storage address of the target random number and the data length of the target random number to obtain an expanded descriptor, where the expanded descriptor includes the storage address of the target random number , The data length of the target random number and the DUN; a third sending unit 712, configured to send the extended descriptor to the dynamic random access memory through the processor; the first acquiring unit 702, It is specifically used to: obtain the extended descriptor from the dynamic random access memory by the UFS controller according to the first request; and determine all of the extended descriptors by the UFS controller.
  • the storage address of the target random number, and obtain the target random number according to the storage address of the target random number; the third obtaining unit 706 is specifically configured to: use the UFS controller according to the extended description The character gets the DUN.
  • the device further includes: a fourth sending unit 713, configured to send the descriptor to the dynamic random access memory through the processor; and send the descriptor to the UFS controller through the processor
  • the address register of the UFS sends the storage address of the target random number
  • the first obtaining unit 702 is specifically configured to: obtain the descriptor from the dynamic random access memory according to the first request through the UFS controller ; Obtain the target random number by the UFS controller according to the storage address of the target random number stored in the address register in the UFS controller.
  • the device further includes: a second generating unit 714, configured to generate a variable parameter through a random number generator, the variable parameter being used to generate the second key; the key The unit 703 is specifically configured to generate a third key according to the target random number and the variable parameter through the UFS controller, where the variable parameter includes a first variable and a second variable, and the first variable is used for To identify the bit width of the second key, the second variable is a random number with a preset fixed bit width or a number with a preset fixed bit width that identifies the file attribute of the target file, wherein the second variable The preset fixed bit width is determined by the bit width of the third key; the UFS controller generates the first key through a derived algorithm according to the third key and the pre-stored first key Two keys.
  • a second generating unit 714 configured to generate a variable parameter through a random number generator, the variable parameter being used to generate the second key
  • the key The unit 703 is specifically configured to generate a third key according to the target random number and the
  • the target random number is a random number of a file attribute
  • the bit width of the target random number includes one of the following bit widths: 128 bits, 192 bits, 256 bits, and 512 bits.
  • the device further includes: a first storage unit 715, configured to store the encrypted target file in a memory through the UFS controller; and a second storage unit 716, configured to access The memory stores the encrypted target file.
  • the device further includes: a fifth sending unit 717, configured to send a second request to the UFS controller through the processor, and the second request is used to request a request to the UFS controller.
  • the encrypted target file is read;
  • the decryption unit 718 is configured to obtain the second key corresponding to the target file according to the second request through the UFS controller, and convert the second key corresponding to the target file according to the second key.
  • the encrypted target file is read after decryption.
  • each functional unit in the file encryption device 20 described in the embodiment of the present application can be referred to the related description of step S301 to step S306 in the method embodiment described in FIG. 3, which will not be repeated here. .
  • FIG. 8 is a schematic structural diagram of another file encryption apparatus provided by an embodiment of the present application.
  • the apparatus 30 includes at least one processor 801, at least one memory 802, and at least one UFS controller 803.
  • the device may also include general components such as antennas, which will not be described in detail here.
  • the processor 801 may be a general-purpose central processing unit (CPU), a microprocessor, an application-specific integrated circuit (ASIC), or one or more integrated circuits for controlling the execution of the programs of the above solutions.
  • CPU central processing unit
  • ASIC application-specific integrated circuit
  • the UFS controller 803 which may be a solid state hard disk, is composed of a control unit and a storage unit.
  • the memory 802 may be a read-only memory (ROM) or other types of static storage devices that can store static information and instructions, random access memory (RAM), or other types that can store information and instructions
  • the dynamic storage device can also be electrically erasable programmable read-only memory (Electrically Erasable Programmable Read-Only Memory, EEPROM), CD-ROM (Compact Disc Read-Only Memory, CD-ROM) or other optical disc storage, optical disc storage (Including compact discs, laser discs, optical discs, digital versatile discs, Blu-ray discs, etc.), magnetic disk storage media or other magnetic storage devices, or can be used to carry or store desired program codes in the form of instructions or data structures and can be used by a computer Any other media accessed, but not limited to this.
  • the memory can exist independently and is connected to the processor through a bus.
  • the memory can also be integrated with the processor.
  • the memory 802 is used to store application program codes for executing the above solutions, and is controlled and executed by the processor 801 and the UFS controller 803.
  • the processor 801 and the UFS controller 803 are configured to execute application program codes stored in the memory 802.
  • the code stored in the memory 802 can execute the file encryption method provided in FIG. 3 above.
  • the processor sends a first request to the universal flash memory host UFS controller, and the first request is used to request storage of the target file;
  • the controller obtains the target random number corresponding to the target file;
  • the UFS controller generates the second key corresponding to the target file according to the target random number and the pre-stored first key; and the UFS controls
  • the device encrypts the target file according to the second key to obtain an encrypted target file.
  • each functional unit in the file encryption device 30 described in the embodiment of the present application can refer to the related descriptions of step S301 to step S306 in the method embodiment described in FIG. 3, which will not be repeated here. .
  • the disclosed device may be implemented in other ways.
  • the device embodiments described above are only illustrative, for example, the division of the above-mentioned units is only a logical function division, and there may be other divisions in actual implementation, for example, multiple units or components can be combined or integrated. To another system, or some features can be ignored, or not implemented.
  • the displayed or discussed mutual coupling or direct coupling or communication connection may be indirect coupling or communication connection through some interfaces, devices or units, and may be in electrical or other forms.
  • the units described above as separate components may or may not be physically separate, and the components displayed as units may or may not be physical units, that is, they may be located in one place, or they may be distributed on multiple network units. Some or all of the units may be selected according to actual needs to achieve the objectives of the solutions of the embodiments.
  • the functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units may be integrated into one unit.
  • the above-mentioned integrated unit can be implemented in the form of hardware or software functional unit.
  • the above integrated unit is implemented in the form of a software functional unit and sold or used as an independent product, it can be stored in a computer readable storage medium.
  • the technical solution of the present application essentially or the part that contributes to the existing technology or all or part of the technical solution can be embodied in the form of a software product, and the computer software product is stored in a storage medium , Including several instructions to enable a computer device (which may be a personal computer, a server or a network device, etc., specifically a processor in a computer device) to execute all or part of the steps of the above methods of the various embodiments of the present application.
  • the aforementioned storage media may include: U disk, mobile hard disk, magnetic disk, optical disk, read-only memory (Read-Only Memory, abbreviation: ROM) or Random Access Memory (Random Access Memory, abbreviation: RAM), etc.
  • U disk mobile hard disk
  • magnetic disk magnetic disk
  • optical disk read-only memory
  • Read-Only Memory abbreviation: ROM
  • Random Access Memory Random Access Memory

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Automation & Control Theory (AREA)
  • Storage Device Security (AREA)

Abstract

Appareil de chiffrement de fichier, comprenant : un processeur, un dispositif de commande de mémoire flash universelle (UFS) couplé au processeur, et une mémoire couplée au dispositif de commande UFS. Le processeur est utilisé pour envoyer une première demande au dispositif de commande UFS (S301), la première demande étant utilisée pour demander le stockage d'un fichier cible. Le dispositif de commande UFS est utilisé pour : acquérir un nombre aléatoire cible correspondant au fichier cible (S302) ; générer, en fonction du nombre aléatoire cible et d'une première clé pré-stockée, une seconde clé correspondant au fichier cible (S304) ; chiffrer le fichier cible au moyen de la seconde clé, de façon à obtenir un fichier cible chiffré (S305) ; et stocker le fichier cible chiffré dans la mémoire. La mémoire est utilisée pour stocker le fichier cible chiffré (S306). Au moyen de l'appareil décrit dans un premier aspect, dans le cas d'une grande efficacité de stockage, le mode de chiffrement d'un fichier avec une clé peut encore être assuré, ce qui améliore le niveau de chiffrement d'un fichier.
PCT/CN2020/137923 2019-12-23 2020-12-21 Procédé de chiffrement de fichier et appareil associé WO2021129557A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN201911343064.0A CN113094718A (zh) 2019-12-23 2019-12-23 一种文件加密方法及相关装置
CN201911343064.0 2019-12-23

Publications (1)

Publication Number Publication Date
WO2021129557A1 true WO2021129557A1 (fr) 2021-07-01

Family

ID=76575203

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2020/137923 WO2021129557A1 (fr) 2019-12-23 2020-12-21 Procédé de chiffrement de fichier et appareil associé

Country Status (2)

Country Link
CN (1) CN113094718A (fr)
WO (1) WO2021129557A1 (fr)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN113486373A (zh) * 2021-07-13 2021-10-08 苏州医沃智控科技有限公司 eCTD通用技术文档递交管理方法及系统
CN114826696B (zh) * 2022-04-08 2023-05-09 中国电子科技集团公司第三十研究所 文件内容分级共享方法、装置、设备及介质
CN115599025B (zh) * 2022-12-12 2023-03-03 南京芯驰半导体科技有限公司 芯片阵列的资源成组控制系统、方法及存储介质
CN116881934B (zh) * 2023-06-05 2024-02-23 珠海妙存科技有限公司 一种数据的加解密方法、系统、装置及存储介质

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102377564A (zh) * 2011-11-15 2012-03-14 华为技术有限公司 私钥的加密方法及装置
CN104184586A (zh) * 2013-05-20 2014-12-03 硅工厂股份有限公司 消息认证码生成方法,实现该方法的认证装置及认证请求装置
US20170054550A1 (en) * 2015-08-20 2017-02-23 Samsung Electronics Co., Ltd. Crypto devices, storage devices having the same, and encryption and decryption methods thereof
CN107332670A (zh) * 2017-08-11 2017-11-07 北京中天信安科技有限责任公司 基于ufs接口的安全控制装置、系统、方法和移动设备
CN110046506A (zh) * 2017-12-27 2019-07-23 三星电子株式会社 存储设备和包括存储设备的存储系统及使用其进行操作的方法
CN110059499A (zh) * 2019-03-22 2019-07-26 华为技术有限公司 一种文件访问权限认证方法及电子设备

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3547195B1 (fr) * 2016-12-29 2020-11-25 Huawei Technologies Co., Ltd. Système sur puce et procédé de changement de systèmes d'exploitation sécurisés
US10802736B2 (en) * 2017-07-27 2020-10-13 Qualcomm Incorporated Power down mode for universal flash storage (UFS)
CN110110548B (zh) * 2019-04-12 2022-11-11 深圳市中易通安全芯科技有限公司 基于加密芯片的可信执行环境下文件加密存储的相关方法

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN102377564A (zh) * 2011-11-15 2012-03-14 华为技术有限公司 私钥的加密方法及装置
CN104184586A (zh) * 2013-05-20 2014-12-03 硅工厂股份有限公司 消息认证码生成方法,实现该方法的认证装置及认证请求装置
US20170054550A1 (en) * 2015-08-20 2017-02-23 Samsung Electronics Co., Ltd. Crypto devices, storage devices having the same, and encryption and decryption methods thereof
CN107332670A (zh) * 2017-08-11 2017-11-07 北京中天信安科技有限责任公司 基于ufs接口的安全控制装置、系统、方法和移动设备
CN110046506A (zh) * 2017-12-27 2019-07-23 三星电子株式会社 存储设备和包括存储设备的存储系统及使用其进行操作的方法
CN110059499A (zh) * 2019-03-22 2019-07-26 华为技术有限公司 一种文件访问权限认证方法及电子设备

Also Published As

Publication number Publication date
CN113094718A (zh) 2021-07-09

Similar Documents

Publication Publication Date Title
WO2021129557A1 (fr) Procédé de chiffrement de fichier et appareil associé
WO2021114891A1 (fr) Procédé de chiffrement et procédé de déchiffrement de clé, et procédé de chiffrement et procédé de déchiffrement de données
WO2018024056A1 (fr) Procédé de gestion de mot de passe d'utilisateur, et serveur
US20170222988A1 (en) Device, system, and method for processor-based data protection
AU2013101034A4 (en) Registration and authentication of computing devices using a digital skeleton key
US11308241B2 (en) Security data generation based upon software unreadable registers
US20130290733A1 (en) Systems and methods for caching security information
US20130290734A1 (en) Systems and methods for caching security information
US9405919B2 (en) Dynamic encryption keys for use with XTS encryption systems employing reduced-round ciphers
JP2017538353A (ja) モバイル端末上のデータを暗号化/復号化するための方法及び装置
US20160142486A1 (en) Data-access system and method for storing data and reading data
WO2023051337A1 (fr) Procédé et appareil de traitement de données, dispositif, et support de stockage
US20170374014A1 (en) Dynamic credential based addressing
CN106203141A (zh) 一种应用的数据处理方法和装置
US9819493B2 (en) Enhanced security for media encryption
US8751819B1 (en) Systems and methods for encoding data
WO2017067513A1 (fr) Procédé de traitement de données et passerelle de stockage
US20210232509A1 (en) Storage Controller, And File Processing Method, Apparatus, And System
TW202008744A (zh) 動態密碼密鑰擴展
US9712324B2 (en) Methods and apparatuses for reducing or eliminating unauthorized access to tethered data
WO2019223098A1 (fr) Procédé et dispositif de lecture et d'écriture de fichier
US9697372B2 (en) Methods and apparatuses for securing tethered data
WO2020044095A1 (fr) Procédé et appareil de chiffrement de fichiers, dispositif, terminal, serveur et support d'informations lisible par ordinateur
US20230093105A1 (en) Method of dynamically loading encryption engine
US20130198528A1 (en) Modifying a Length of an Element to Form an Encryption Key

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20905547

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20905547

Country of ref document: EP

Kind code of ref document: A1