WO2022261865A1 - Method for securely starting a chip, and chip - Google Patents

Method for securely starting a chip, and chip

Info

Publication number
WO2022261865A1
Authority
WO
WIPO (PCT)
Prior art keywords
key
chip
phase
startup
parameter
Prior art date
Application number
PCT/CN2021/100403
Other languages
English (en)
Chinese (zh)
Inventor
王博
Original Assignee
华为技术有限公司
Priority date
Filing date
Publication date
Application filed by 华为技术有限公司
Priority to PCT/CN2021/100403 (WO2022261865A1)
Priority to CN202180099358.2A (CN117480503A)
Publication of WO2022261865A1

Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50 Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57 Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Definitions

  • the present application relates to the field of information technology, in particular to a method for securely starting a chip and the chip.
  • the chip startup process includes multiple startup stages.
  • the system chip on the terminal device needs to go through multiple startup stages during the startup process of the terminal device.
  • the startup process of the system chip on the terminal device includes startup phases such as ONCHIPROM, FASHBOOT and TEEOS.
  • the image file needs to be started at each startup stage during the chip startup process.
  • the manufacturer usually stores the encrypted image file in the chip when producing the chip. Therefore, during the startup process of the chip, the encrypted image file needs to be decrypted before starting the image file.
  • the more common chip startup method is: pre-store the key in the chip, read the key and decrypt the encrypted image file during the chip startup phase.
  • in this method, the multiple image files of the multiple startup stages of the chip all correspond to one fixed key; decrypting every image file with the same key during chip startup is less secure, because once that key is leaked, all image files can be decrypted, which creates a security risk.
  • the present application provides a chip security startup method and a chip, which are used to improve the security of the chip startup process.
  • the embodiment of the present application provides a chip, which includes a key generation module and a processing module; the key generation module is used to generate a first key corresponding to a first startup phase, where the first startup phase is any one of the multiple startup phases of the chip; the first key is different from the key corresponding to a second startup phase, the second startup phase being any one of the multiple startup phases other than the first startup phase; the processing module is used to decrypt a first encrypted file according to the first key in the first startup phase to obtain a first image file and to start the first image file, where the first encrypted file was encrypted using the first key.
  • the chip provided by the embodiment of the present application can generate, in each startup phase of the chip startup process, the key for decrypting the encrypted file of that phase, and the keys corresponding to at least two startup phases are different, so that the decryption key can be generated in real time while the chip starts up.
  • the key does not need to be stored in advance, which prevents key leakage; at the same time, the same key is no longer used for decryption in all startup stages, which further improves the security of chip startup.
  • the key generation module is specifically configured to: determine a first key parameter corresponding to the first startup phase, the first key parameter being different from the key parameter corresponding to the second startup phase; and generate the first key according to the first key parameter.
  • when the chip generates the first key in the first startup phase, it first generates the first key parameter corresponding to the first startup phase; because the key parameters corresponding to at least two startup phases are different, the keys generated from those key parameters for at least two startup phases are guaranteed to be different, which improves the security of the chip startup process.
  • the key generation module is specifically configured to: perform calculations on the first key parameters and chip parameters of the chip according to a first calculation rule to obtain the first key.
  • the chip parameters include at least one of the following: a life cycle used to indicate the use cycle of the chip; a public key hash value used to indicate the chip manufacturer; the application manufacturer identification of the chip; the application device identification of the chip; the register identification of the registers contained in the chip.
  • the chip performs an operation on the first key parameter and the chip parameters to obtain the first key, where the chip parameters can include the life cycle, the public key hash value, the application manufacturer identification, the application product identification, etc.; the content of the chip parameters can therefore be set flexibly to ensure that the keys corresponding to the chip differ when the chip is in different stages of use or is applied to different manufacturers or products, which further ensures that the chip is used securely.
  • the key generation module is specifically configured to: when the first startup phase is the first of the multiple startup phases, generate the first key parameter according to a pre-configured initial value and a second operation rule; or, when the first startup phase is a startup phase other than the first of the multiple startup phases, generate the first key parameter according to the key parameter corresponding to the startup phase preceding the first startup phase and a third operation rule.
  • when the chip generates key parameters during the multiple startup stages of its startup process, it can generate the key parameter of the first startup stage according to the pre-configured initial value, and for every startup stage other than the first, the key parameter of that stage can be generated according to the key parameter of the previous startup stage, so that different startup stages obtain different key parameters.
  • the processing module is further configured to: process the first key as an invalid key after starting the first image file;
  • the key generation module is further configured to: after the plurality of startup phases are over, when the first startup phase needs to be restarted, re-determine the first key corresponding to the first startup phase according to pre-configured target key parameters;
  • the processing module is further configured to: decrypt the first encrypted file according to the first key to obtain the first image file; restart the first image file.
  • the first key is treated as an invalid key to prevent the first key from being leaked.
  • the first key is re-determined according to the pre-configured target key parameters, so that when an individual startup stage needs to be restarted, the entire chip does not need to be restarted; cost is saved while the secure startup of the chip is still ensured.
  • the embodiment of the present application provides a method for securely starting a chip, the method including:
  • generating a first key corresponding to a first startup phase, where the first startup phase is any one of the multiple startup phases of the chip and the first key is different from the key corresponding to a second startup phase, the second startup phase being any one of the multiple startup phases other than the first startup phase; in the first startup phase, decrypting a first encrypted file according to the first key to obtain a first image file; and starting the first image file; where the first encrypted file was encrypted using the first key.
  • generating the first key corresponding to the first startup phase includes: determining a first key parameter corresponding to the first startup phase, the first key parameter being different from the key parameter corresponding to the second startup phase; and generating the first key according to the first key parameter.
  • generating the first key according to the first key parameter includes: performing an operation on the first key parameter and the chip parameters of the chip according to a first operation rule, to obtain the first key.
  • determining the first key parameter corresponding to the first startup phase includes: when the first startup phase is the first of the multiple startup phases, generating the first key parameter according to a pre-configured initial value and a second operation rule; or, when the first startup phase is a startup phase other than the first of the multiple startup phases, generating the first key parameter according to the key parameter corresponding to the startup phase preceding the first startup phase and a third operation rule.
  • the chip parameters include at least one of the following: a life cycle used to indicate the use cycle of the chip; a public key hash value used to indicate the chip manufacturer; the application manufacturer identification of the chip; the application device identification of the chip; the identification of the registers contained in the chip.
  • the method further includes: processing the first key as an invalid key;
  • the method further includes: when the first startup phase needs to be restarted, re-determining the first key according to the pre-configured target key parameters; decrypting the first encrypted file according to the first key to obtain the first image file; and restarting the first image file.
  • an embodiment of the present application provides a computer-readable storage medium, including instructions, which, when run on a computer, cause the computer to execute the method described in any possible design of the above-mentioned second aspect.
  • an embodiment of the present application provides a computer program product, which, when run on a computer, causes the computer to execute the method described in any possible design of the above second aspect.
  • FIG. 1 is a schematic diagram of an exemplary chip structure
  • FIG. 2 is a schematic structural diagram of a chip provided in an embodiment of the present application.
  • FIG. 3 is a schematic structural diagram of another chip provided in the embodiment of the present application.
  • FIG. 4 is a schematic structural diagram of a key parameter generation module provided by an embodiment of the present application.
  • FIG. 5 is a flow chart of a chip secure boot method provided by an embodiment of the present application.
  • an image file is a file similar to a rar or zip compressed file: a specific set of files is packed into a single file in a certain format for users to download and use, such as an operating system image or a game image; an image file can be recognized by specific software and burned to a CD.
  • the system image file contains operating system files, boot files, partition table information, etc., and is used for system installation and repair.
  • the system image file can be understood as a clone of all data on an entire system installation CD, such as an original Microsoft system disc, or as a backup file of the operating system partition, such as a ghost system image; it usually has the suffix .iso.
  • the life cycle of a chip can be used to indicate the use cycle of the chip.
  • the life cycle can indicate that the chip is currently in the testing phase or in the application phase, that is, the stage in which it has been put into use in electronic equipment.
  • a chip is a semiconductor component of an integrated circuit, which is widely used in various smart devices, such as smart terminal devices, smart home devices, smart cars, etc.
  • a chip usually consists of multiple intellectual property (intellectual property, IP) cores, and multiple IP cores are connected to the memory through a bus to perform program and data interaction.
  • IP core can be regarded as a pre-designed circuit function module for realizing corresponding functions.
  • the IP core can be a central processing unit (central processing unit, CPU), an application processor (application processor, AP), a graphics processing unit (graphics processing unit, GPU), a multimedia subsystem (video subsystem), a camera subsystem (camera subsystem), a wireless access module (modem), a display subsystem (display subsystem), etc.
  • the structure of a chip may be as shown in FIG. 1 .
  • the CPU, multimedia subsystem, camera subsystem, display subsystem, GPU and wireless access module are connected to the memory through a bus.
  • the chip includes multiple IP cores, and the chip needs to go through multiple startup stages to complete the startup process of the chip.
  • the startup process of the system chip on the terminal device includes startup stages such as ONCHIPROM, FASHBOOT and TEEOS.
  • the image file needs to be started at each startup stage.
  • the manufacturer usually stores the encrypted image file in the chip when producing the chip, for example in the memory shown in FIG. 1; therefore, during the chip startup process, the encrypted image file needs to be decrypted before the image file is started.
  • the more common chip startup method is: pre-store the key in the chip, such as storing the key in the memory shown in Figure 1, read the key and decrypt the encrypted image file during the chip startup phase.
  • taking a system chip startup method as an example, in the chip encryption stage a fixed key is burned into the system chip and a programmable fuse of the system chip is blown, thereby storing the fixed key in the system chip.
  • the stored fixed key is read, multiple encrypted files are decrypted according to the fixed key, multiple image files are obtained, and the multiple image files are started to complete the start-up process of the chip.
  • an embodiment of the present application provides a method for securely starting a chip and the chip. During multiple startup stages of the chip, a key for decrypting an encrypted file is generated. The keys corresponding to different startup stages may be different. Therefore, the security of the chip startup process is ensured.
  • the embodiment of the present application may be applicable to various possible scenarios, for example, in the chip testing stage or the chip application stage, the chip security startup method provided by the embodiment of the present application may be adopted.
  • a key generation module can be added to the chip, or a key generation function can be added to an existing module of the chip such as the CPU to serve as the key generation module; during chip startup, the key generation module generates the key used to decrypt the encrypted file.
  • the keys of different startup stages can be different, so that the key does not need to be stored in the chip, and the chip can still generate, during the startup process, a key that decrypts the encrypted files and ensures the security of chip startup.
  • the chip startup process includes multiple startup stages.
  • the chip startup method provided by the embodiment of the present application is further introduced below, taking the first startup stage of the chip as an example, where the first startup stage is any one of the multiple startup stages of the chip.
  • FIG. 2 is a schematic structural diagram of a chip provided by an embodiment of the present application.
  • the chip may include a key generation module and a processing module.
  • the key generation module is used to generate the first key corresponding to the first startup phase; the first key is different from the key corresponding to the second startup phase, and the second startup phase is any one of the multiple startup phases other than the first startup phase.
  • the processing module is used to decrypt the first encrypted file according to the first key in the first startup phase to obtain the first image file, and to start the first image file; the first encrypted file was encrypted using the first key.
  • the image file corresponding to the start-up phase needs to be started.
  • the audio image file and the video image file need to be started during the start-up phase of the multimedia subsystem of the chip.
  • the first encrypted file needs to be decrypted to obtain the image file that has to be started in the first startup stage; in the chip encryption stage, the first encrypted file was encrypted with the first key and saved in the chip. Therefore, in the first startup phase, the first key needs to be generated to decrypt the first encrypted file.
  • the keys corresponding to the encrypted files that need to be decrypted in different boot phases may be the same or different, but at least two keys corresponding to the boot phases are different.
  • the first key corresponding to the first start-up phase is different from the key corresponding to the second start-up phase, wherein the second start-up phase may be a start-up phase other than the first start-up phase among the multiple start-up phases of the chip, That is to say, in the chip secure boot method provided by the embodiment of the present application, a fixed key is not used to encrypt the image files that need to be started in all boot stages, so as to improve security.
  • different encryption keys can be used for multiple image files with higher confidentiality levels, and the same encryption key can be used for multiple image files with lower confidentiality levels.
  • in a specific implementation, keys can be used flexibly to encrypt the image files according to the confidentiality requirements of the image files the chip needs to encrypt and the startup time of each startup stage of the chip.
  • the key generation module generates the first key parameter corresponding to the first start-up phase.
  • the first key parameter is used to form the first key.
  • different key parameters form different keys, so different keys can be obtained by generating different key parameters.
  • when the first startup phase is the first of the multiple startup phases, the first key parameter is generated according to a pre-configured initial value and a second operation rule, where the pre-configured initial value may be stored in the chip. For example, assuming that the pre-configured initial value is 001, that the second operation rule is an accumulation operation and that the accumulation value is 1, the first key parameter is 010.
  • when the first startup phase is not the first of the multiple startup phases, the first key parameter is generated according to the key parameter corresponding to the previous startup phase and a third operation rule. For example, assuming that the key parameter corresponding to the previous startup phase is 100, that the third operation rule is an accumulation operation and that the accumulation value is 1, the first key parameter is 101.
  • the second operation rule and the third operation rule may be the same, for example both may be accumulation operations, but no two of the key parameters calculated according to the second and third operation rules may be identical.
  • the key generation module can be based on the pre-configured initial value and set operation rules to generate at least one key parameter.
  • the pre-configured initial value can be programmed into a fixed store of the chip during chip production to prevent the initial value from being tampered with; for example, the pre-configured initial value can be programmed into the one-time programmable memory (EFUSE).
  • EFUSE one-time programmable memory
  • the operation rule can be set to an increment operation, a decrement operation, an exponential operation, etc., but the set operation rule cannot be one in which increment and decrement operations alternate. The key parameter generated according to the chip secure boot method provided in the embodiment of the present application can therefore also be called an irreversible factor: during the generation of key parameters, two identical key parameters will never be generated, and the key parameter generation process is irreversible.
  • a 32-bit register in the key generation module can be used to generate key parameters: assuming that the pre-configured initial value is 0x00000001, that the operation rule is an accumulation operation and that the accumulation value is 1, then in each of the multiple startup phases this register is enabled once and one key parameter is obtained.
  • the first key parameter generated is 0x00000002, the second is 0x00000003, and so on; the last key parameter this register can generate is 0xFFFFFFFF, that is, to ensure that any two generated key parameters are different, the register does not wrap around after accumulating to 0xFFFFFFFF.
  • the key generation module can perform calculations on the first key parameter and chip parameters according to the first operation rule to obtain the first key.
  • the first operation rule may be, for example, a bit splicing operation, a shift operation, or a combination of a shift operation and a bit splicing operation.
  • the operation may be performed on all fields of the first key parameter and the chip parameter, or only on some of their fields, to obtain the first key.
  • for example, when the first operation rule is a bit splicing operation, assuming that the first key parameter occupies 32 bits and the chip parameter occupies 16 bits, splicing them yields a 48-bit first key.
  • when the first operation rule combines a shift and a bit splice, the first key parameter can be shifted by a set number of bits, and the shifted first key parameter and the chip parameter are then bit-spliced.
  • the multiple keys obtained must all be different; that is, the first operation rule must not produce the same key when different key parameters are operated on with the chip parameters.
  • the above first operation rule is only used as an exemplary description, and any operation rule that can obtain different keys after performing operations on different key parameters and chip parameters is applicable, which is not limited in this embodiment of the present application.
  • chip parameters can be used to indicate information such as the life cycle of the chip, manufacturer, application manufacturer, and application equipment.
  • chip parameters can include at least one of: the life cycle, the public key hash value, the application manufacturer identification (original equipment manufacturer identity document, OEM ID), the application device identification (product ID) and the register identification. The life cycle indicates the current use cycle of the chip; for example, the use cycle includes a test phase and an application phase, and distinguishing them by life cycle means that different keys are used to encrypt the image file in the test phase and in the application phase, which further improves security. The public key hash value indicates the manufacturer of the chip; the OEM ID indicates the manufacturer that applies the chip; the product ID indicates the product in which the chip is applied; the register identification indicates the registers included in the chip, such as register type and register status.
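Added example (not code from the patent or from 华为技术有限公司): a C model of the 32-bit key parameter register described above, which saturates at 0xFFFFFFFF instead of wrapping, and of the bit-splicing first operation rule that joins the 32-bit key parameter and the 16-bit chip parameter into a 48-bit key. The 32/16/48-bit widths, the initial value 0x00000001 and the accumulation value 1 follow the text. The layout of the chip parameter word (2-bit life cycle, 6-bit OEM ID, 8-bit product ID, with the public key hash and register identification fields left out) and the use of a rotate for the shift variant are assumptions of this example.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Key parameter generator ("irreversible factor"): a 32-bit register loaded
 * with a pre-configured initial value that adds a fixed step each time it is
 * enabled. It never wraps past 0xFFFFFFFF, so no two values it emits repeat. */
typedef struct {
    uint32_t value;  /* current register content */
    uint32_t step;   /* accumulation value; 1 in the text's example */
} key_param_gen;

void kpg_init(key_param_gen *g, uint32_t initial_value, uint32_t step) {
    g->value = initial_value;
    g->step = step;
}

/* One "enable": advance the register and hand out the new key parameter.
 * Returns false, leaving the register unchanged, once the range is used up. */
bool kpg_enable(key_param_gen *g, uint32_t *out) {
    if (g->value > UINT32_MAX - g->step)
        return false;                 /* would wrap: refuse rather than repeat a value */
    g->value += g->step;
    *out = g->value;
    return true;
}

/* Chip parameter fields. Which fields exist comes from the text; the bit
 * widths (2 + 6 + 8 = 16 bits) are an assumption of this example. */
typedef struct {
    uint8_t life_cycle;  /* 0 = test phase, 1 = application phase */
    uint8_t oem_id;      /* application manufacturer identification, 6 bits */
    uint8_t product_id;  /* application device identification, 8 bits */
} chip_params;

uint16_t chip_param_word(const chip_params *p) {
    return (uint16_t)(((p->life_cycle & 0x3u) << 14) |
                      ((p->oem_id & 0x3Fu) << 8) |
                       (p->product_id & 0xFFu));
}

/* First operation rule: bit splicing, optionally preceded by a shift of the
 * key parameter. A rotate (not a plain shift) is used so that no bits are
 * lost and two distinct key parameters can never land on the same key, which
 * is the requirement the text places on the first operation rule. */
uint64_t derive_key(uint32_t key_param, uint16_t chip_param, unsigned shift) {
    uint32_t kp = key_param;
    unsigned r = shift % 32;
    if (r != 0)
        kp = (kp << r) | (kp >> (32 - r));
    return ((uint64_t)kp << 16) | chip_param;   /* 32 + 16 = 48-bit key */
}

/* One key per startup stage, starting from the initial value. Returns how many
 * keys were produced (fewer than requested only if the register runs out). */
size_t generate_stage_keys(uint32_t initial_value, uint16_t chip_param,
                           size_t n_stages, uint64_t *keys) {
    key_param_gen g;
    kpg_init(&g, initial_value, 1);
    size_t produced = 0;
    uint32_t kp;
    while (produced < n_stages && kpg_enable(&g, &kp))
        keys[produced++] = derive_key(kp, chip_param, 0);
    return produced;
}

bool all_distinct(const uint64_t *keys, size_t n) {
    for (size_t i = 0; i < n; i++)
        for (size_t j = i + 1; j < n; j++)
            if (keys[i] == keys[j]) return false;
    return true;
}

int main(void) {
    chip_params cp = { .life_cycle = 1, .oem_id = 0x2A, .product_id = 0x7E };  /* constructed */
    uint64_t keys[3];
    size_t n = generate_stage_keys(0x00000001u, chip_param_word(&cp), 3, keys);
    for (size_t i = 0; i < n; i++)
        printf("stage %zu key = 0x%012llx\n", i + 1, (unsigned long long)keys[i]);
    return all_distinct(keys, n) ? 0 : 1;
}
```

A plain left shift would discard the high bits of the key parameter, so two different parameters could map to the same key, which the text forbids; the rotate keeps the mapping one-to-one. Changing the life cycle field changes the chip parameter word and therefore every derived key, which is how the text separates the keys of the test phase from those of the application phase.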
  • different keys can be generated by setting the specific content of the chip parameters, so that the chips correspond to different keys in different service cycles, different
  • after the key generation module generates the first key, it sends the first key to the processing module, and the processing module decrypts the first encrypted file according to the first key to obtain the first image file.
  • the processing module starts the first image file, thereby completing the first start-up phase.
  • the image files corresponding to several start-up stages of the chip can be encrypted with the same key.
  • once the key parameter has been obtained and the key generated, the processing module can use that key in each of those startup phases to decrypt the encrypted file of the phase and start the decrypted image file.
  • the first startup phase can correspond to multiple keys; for example, the first startup phase corresponds to a first key and a second key, the first key is used to decrypt the first encrypted file to obtain the first image file, the second key is used to decrypt a second encrypted file to obtain a second image file, and the first key is different from the second key.
  • the second key parameter corresponding to the second key can be generated according to the first key parameter and the set operation rules.
  • for the specific generation method of the second key, refer to the generation method of the first key described above, which is not repeated here.
  • the key parameters corresponding to the image file can be stored in the chip during the chip production phase.
  • when the chip startup process reaches that startup stage, in each of its multiple sub-startup stages a key is generated according to the pre-configured key parameters, the encrypted file is decrypted according to the key to obtain an image file, and the image file is started.
  • after the image file is started, the key corresponding to the startup phase is treated as an invalid key: for example, the key is deleted, or all bits of the key are set to 0 or to 1, so that the key cannot be used again, which further ensures the security of chip startup.
  • multiple stages of the chip startup process in the embodiment of the present application are not reversible.
  • the chip startup process includes three startup phases (startup phase A, startup phase B, and startup phase C)
  • after startup phase A and startup phase B have ended, the chip can only enter startup phase C; it cannot enter startup phase A or startup phase B again.
  • after each startup phase, the key corresponding to that phase is treated as an invalid key; that is, even if the chip is forced to re-enter a previous startup phase, the image files of that phase cannot be decrypted because the corresponding key is invalid, so the previous startup phase cannot be restarted.
  • some startup phases of the chip may nevertheless need to be restarted.
  • when the multiple startup phases of the chip have been completed and some startup phases need to be restarted, this does not mean that the entire chip needs to be restarted.
  • for example, when the chip is applied to a smart device and the multiple startup phases of the chip have completed, the smart device has finished booting; if some startup stages of the chip then need to be restarted, the smart device does not need to be restarted.
  • if the first startup stage is a startup stage that needs to be restarted after the multiple startup stages are completed, the target key parameter corresponding to the first startup stage can be stored in the memory of the chip during chip production.
  • when the first startup phase needs to be restarted, the memory of the chip is read directly to obtain the target key parameter, the first key corresponding to the first startup phase is regenerated according to the target key parameter, the first encrypted file corresponding to the first startup stage is decrypted according to the first key to obtain the first image file, and the first image file is restarted to complete the restart of the first startup stage.
  • the key generation module of the chip in the embodiment of the present application can also be split into a key parameter generation module and an operation module.
  • FIG. 3 is a schematic structural diagram of a chip that includes a key parameter generation module, an operation module, a processing module and a storage module.
  • the storage module can be a one-time programmable memory (one time programmable, OTP) such as flash memory (FLASH) or EFUSE, or a non-volatile memory (non-volatile memory, NVM), and is used to store the pre-configured initial value.
  • OTP one time programmable
  • NVM non-volatile memory
  • a method for securely starting a chip provided in an embodiment of the present application includes the following steps, assuming that the chip startup process includes N startup stages:
  • the key parameter generation module acquires a preconfigured initial value from the storage module.
  • the key parameter generation module generates the key parameter corresponding to the first startup phase according to the pre-configured initial value and the set operation rule.
  • the key parameter generation module can be an irreversible one-way counter (a monotonic counter); assuming it is an accumulation counter, after it obtains the pre-configured initial value it computes the sum of the initial value and the accumulation value as the first key parameter. Each time the key parameter generation module is enabled afterwards, it adds the accumulation value to its current value to obtain the next key parameter.
  • the key parameter module sends the calculated key parameter to the calculation module.
  • S304 The operation module performs operations on the key parameter and the chip parameter according to the first operation rule to obtain the key.
  • the key parameter generation module can be enabled multiple times to obtain multiple key parameters, and the operation module can perform the operation on each key parameter and the chip parameter to obtain multiple keys.
  • S306 The processing module decrypts the encrypted file corresponding to the first startup stage according to the key, obtains the image file, and starts the image file.
  • the key parameter module generates key parameters corresponding to the current start-up phase according to the current value and the set operation rule.
  • the current value in the key parameter module is the key parameter generated by the key parameter module last time.
  • the key parameter module sends the calculated key parameter to the calculation module.
  • the operation module performs operations on the key parameter and the chip parameter according to the first operation rule to obtain the key.
  • S311 The processing module decrypts the encrypted file corresponding to the current start-up phase according to the key, obtains the image file, and starts the image file.
  • FIG. 4 is a schematic structural diagram of an exemplary key parameter generation module. The key parameter generation module includes four registers: the first register, the second register, the third register and the fourth register. The functions of these four registers are introduced below:
  • the second register is the selection register, which is used to select the third register or the fourth register as the output register.
  • the third register is used as the output register, and the key parameter generated by the third register is used to generate the key;
  • the fourth register is used as an output register, and the key parameter generated by the fourth register is used to generate a key.
  • the third register can be configured as any value supported by the register.
  • the fourth register is used to generate key parameters according to the set operation rules. For example, in the first startup stage of the chip, the pre-configured initial value is written into the fourth register, and the fourth register generates the key parameter corresponding to the first boot phase based on the initial value and the set operation rules. Each time the software configuration enables it once, the fourth register performs an operation on its current value according to the set operation rules to obtain a key parameter.
  • the first register is a lock register, which is used to lock the second register, the third register and the fourth register after the chip completes multiple start-up stages. For example, after writing the Magic value of the first register, the second register is clamped to 0, that is, the third register is selected as the output register, and the fourth register no longer generates key parameters.
  • when the chip is powered on and the startup process begins, the second register is written with a non-zero value so that the fourth register is selected as the output register, the initial value stored in the chip is written into the fourth register, and the software configuration enables it once; the fourth register performs an operation on its current value according to the set operation rules to obtain a key parameter and outputs it, and the subsequent operation module performs an operation on that key parameter and the chip parameters according to the first operation rule to generate a key.
  • in the BOOTLOADER stage of the chip, all image files in the chip startup process are verified. After the verification passes, the first register initiates a lock. After locking, the second register is clamped to 0; at this point the fourth register stops generating key parameters and is no longer used as the output register. That is, after the multiple start-up phases of the chip are completed, key parameters can only be generated by configuring the third register and using the third register as the output register.
  • the key parameter generation module shown in Figure 4 can also realize key parameter generation in the following two special scenarios:
  • Scenario 1 After the completion of multiple boot phases of the chip, the first boot phase requires a reboot.
  • the first startup phase is, for example, the TEEOS phase.
  • the target key parameter corresponding to the first startup stage is obtained from the memory of the chip, and the target key parameter is written into the third register.
  • the first register initiates a lock, and the second register is clamped to 0 after locking.
  • the third register is used as the output register and outputs the target key parameter, and the operation module performs an operation on the target key parameter and the chip parameters to regenerate the first key.
  • the processing module can decrypt the first encrypted file according to the first key to obtain the first image file, and the processor starts the first image file to complete the restart of the first startup stage.
  • Scenario 2 The same image file needs to be started in multiple sub-startup stages contained in one startup stage of the chip.
  • a chip startup phase may include multiple sub-boot phases, and some image files may need to be started in more than one sub-boot phase. For example, the first boot phase of the chip includes sub-boot phase A and sub-boot phase B, and both sub-boot phase A and sub-boot phase B need to start image file A; in that case, in the chip production stage, the key parameter A corresponding to image file A is stored in the memory of the chip.
  • in sub-boot phase A, write the second register to 0, switch the third register to be the output register, and keep the fourth register suspended.
  • the processing module can decrypt the encrypted file A according to the key A, obtain the image file A and start the image file A.
  • writing a non-zero value to the second register switches the fourth register back to being the output register.
  • write the second register to 0, switch the third register to be the output register, read the key parameter A corresponding to image file A from the memory of the chip, and write key parameter A into the third register, so that the operation module can calculate key parameter A with the chip parameter according to the first operation rule to generate key A, and the processing module can decrypt encrypted file A according to key A to obtain image file A and start image file A.
  • writing a non-zero value to the second register switches the fourth register back to being the output register.
  • the operation module may also perform different processing on the received key parameter according to different output registers.
  • it can be preset that when the third register is used as the output register, the first processing is performed on the key parameter output by the third register, and the key parameter after the first processing is then calculated with the chip identification to obtain the key; and it can be preset that when the fourth register is used as the output register, the second processing is performed on the key parameter output by the fourth register, and the key parameter after the second processing is then calculated with the chip identification to obtain the key. The first processing and the second processing can be scrambling processing or encryption processing, and the first processing is different from the second processing, so as to prevent the security problem that would arise from maliciously configuring the third register to a value generated by the fourth register during the chip startup process.
  • the key parameters generated by the different registers are processed differently. Even if the third register is maliciously configured to a key parameter that the fourth register could generate, the corresponding
  • the first processing may be performed only on the key parameters output by the third register; or, when only the fourth register is set as the output register, only the key parameters output by the fourth register may be processed.
  • the second processing performed on the key parameter can also achieve the above effect.
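The four-register module of FIG. 4, its lock behaviour, the register switching of the two scenarios, and the differing first and second processing described above, as an added worked example in C. This is not code from the patent or from any Huawei implementation: the lock magic value, the accumulation step of the fourth register, the two processing functions and the way the chip identification is mixed in are all assumptions chosen for illustration; the patent specifies none of them.

```c
/* Added example (not from the patent): software model of the four-register
 * key parameter generation module and of an operation module that processes
 * third-register and fourth-register output differently. LOCK_MAGIC, KP_STEP,
 * both processing functions and the chip-id mixing are assumptions. */
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>
#include <inttypes.h>

#define LOCK_MAGIC 0x4C4F434BUL   /* assumed magic value for the first register */
#define KP_STEP    7ULL           /* assumed accumulation step of the fourth register */

typedef struct {
    uint32_t lock;     /* first register: lock register */
    uint32_t select;   /* second register: 0 -> third register, non-zero -> fourth register */
    uint64_t reg3;     /* third register: software-configurable output value */
    uint64_t reg4;     /* fourth register: value produced by the set operation rule */
    bool     locked;   /* set once the first register receives the magic value */
} kpgm_t;

static void kpgm_init(kpgm_t *m) {
    m->lock = 0; m->select = 0; m->reg3 = 0; m->reg4 = 0; m->locked = false;
}

static bool kpgm_is_locked(const kpgm_t *m) { return m->locked; }

/* Second register: selects the output register; clamped to 0 after the lock. */
static bool kpgm_write_select(kpgm_t *m, uint32_t v) {
    if (m->locked) return false;
    m->select = v;
    return true;
}

/* Third register: configurable to any value, also after the lock
 * (scenario 1 writes the stored target key parameter here). */
static void kpgm_write_reg3(kpgm_t *m, uint64_t v) { m->reg3 = v; }

/* Fourth register: receives the pre-configured initial value at the first
 * startup stage; refused once locked. */
static bool kpgm_write_reg4_initial(kpgm_t *m, uint64_t v) {
    if (m->locked) return false;
    m->reg4 = v;
    return true;
}

static bool kpgm_using_reg4(const kpgm_t *m) {
    return !m->locked && m->select != 0;
}

/* One software "enable": the fourth register applies the set operation rule
 * to its current value. It stays suspended while the third register is
 * selected and stops for good after the lock. */
static bool kpgm_enable(kpgm_t *m) {
    if (!kpgm_using_reg4(m)) return false;
    m->reg4 += KP_STEP;
    return true;
}

/* First register: the magic value locks the module and clamps the second
 * register to 0, leaving the third register as the only output path. */
static void kpgm_write_lock(kpgm_t *m, uint32_t v) {
    m->lock = v;
    if (v == LOCK_MAGIC) {
        m->locked = true;
        m->select = 0;
    }
}

/* Value of the currently selected output register. */
static uint64_t kpgm_output(const kpgm_t *m) {
    return kpgm_using_reg4(m) ? m->reg4 : m->reg3;
}

/* Operation module: first processing for third-register output, second
 * processing for fourth-register output. Both are assumed scramblings. */
static uint64_t first_processing(uint64_t kp)  { return kp ^ 0xA5A5A5A5A5A5A5A5ULL; }
static uint64_t second_processing(uint64_t kp) { return (kp << 13) | (kp >> 51); }

static uint64_t operation_module_key(const kpgm_t *m, uint64_t chip_id) {
    uint64_t kp = kpgm_output(m);
    uint64_t processed = kpgm_using_reg4(m) ? second_processing(kp) : first_processing(kp);
    /* assumed first operation rule: mix the processed parameter with the chip identification */
    return processed ^ (chip_id * 0x9E3779B97F4A7C15ULL);
}

int main(void) {
    kpgm_t m;
    kpgm_init(&m);
    kpgm_write_select(&m, 1);               /* power-on: fourth register is the output */
    kpgm_write_reg4_initial(&m, 0x1000);    /* constructed initial value */
    kpgm_enable(&m);
    uint64_t kp = kpgm_output(&m);
    printf("via fourth register: %016" PRIx64 "\n", operation_module_key(&m, 0x77));
    kpgm_write_select(&m, 0);               /* scenario 2: switch to the third register */
    kpgm_write_reg3(&m, kp);                /* same raw parameter through the other path */
    printf("via third register:  %016" PRIx64 "\n", operation_module_key(&m, 0x77));
    kpgm_write_lock(&m, LOCK_MAGIC);
    printf("locked=%d enable_after_lock=%d\n", kpgm_is_locked(&m), kpgm_enable(&m));
    return 0;
}
```

Copying the fourth register's current value into the third register does not reproduce the key the fourth register produced, because the operation module applies a different processing on each path; that is the property the text relies on against a maliciously configured third register. While the third register is selected the fourth register neither advances nor resets, so switching back resumes the accumulation where it was suspended, and after the lock the second register refuses writes and the fourth register refuses to advance.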
  • an embodiment of the present application provides a method for securely starting a chip. Referring to Fig. 5, this method comprises the steps:
  • S501 Generate a first key corresponding to the first startup phase.
  • the first start-up phase is any one of the multiple start-up phases of the chip; the first key is different from the key corresponding to the second start-up phase, and the second start-up phase is the multiple start-up phase A start-up phase other than the first start-up phase in the start-up phases.
  • S502 In the first startup phase, decrypt the first encrypted file according to the first key to obtain a first image file.
  • the first encrypted file is encrypted using the first key.
  • generating the first key corresponding to the first startup phase includes: determining a first key parameter corresponding to the first startup phase, the first key parameter being different from the key parameter corresponding to the second startup phase; and generating the first key according to the first key parameter.
  • generating the first key according to the first key parameter includes: performing an operation on the first key parameter and the chip parameter of the chip according to a first operation rule to obtain the first key.
  • determining the first key parameter corresponding to the first startup phase includes: when the first startup phase is the earliest of the multiple startup phases, generating the first key parameter according to the pre-configured initial value and the second operation rule; or, when the first startup phase is a startup phase other than the earliest of the multiple startup phases, generating the first key parameter according to the key parameter corresponding to the startup phase preceding the first startup phase and the third operation rule.
  • the chip parameters include at least one of the following: a life cycle used to indicate the use cycle of the chip; a public key hash value used to indicate the chip manufacturer; the application manufacturer identification of the chip; the application device identification of the chip; the identification of a register contained in the chip.
  • the method further includes: processing the first key as an invalid key.
  • the method further includes: when the first start-up phase needs to be restarted, re-determining the first key; decrypting the first encrypted file according to the first key to obtain the first image file; and restarting the first image file.
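The per-stage key derivation of steps S301 to S311 and the method of steps S501 and S502 above, as an added worked example in C. It is not code from the patent: the accumulator step, the FNV-1a mixing that stands in for the first operation rule, the zeroization used to treat a key as invalid, and the chip parameter values are all assumptions for illustration; a production chip would use a hardware KDF, and the patent does not specify the concrete operation rules.

```c
/* Added example (not from the patent): simulates one key per startup stage,
 * derived at run time from a monotonic key parameter and the chip parameters,
 * with nothing stored between stages. All rules and values are assumptions. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <inttypes.h>

#define NUM_STAGES 4   /* N startup stages (constructed) */

/* Chip parameters that bind each key to this chip (constructed values). */
typedef struct {
    uint32_t life_cycle;     /* use cycle of the chip */
    uint32_t pubkey_hash;    /* hash of the chip manufacturer's public key */
    uint32_t app_vendor_id;  /* application manufacturer identification */
    uint32_t app_device_id;  /* application device identification */
} chip_params_t;

/* Key parameter generation module modelled as a monotonic accumulator. */
typedef struct {
    uint64_t current;        /* last key parameter produced */
    uint64_t step;           /* accumulated value added on each enable */
} key_param_gen_t;

/* Second operation rule (earliest stage): initial value + accumulated value. */
static uint64_t kpg_first(key_param_gen_t *g, uint64_t initial, uint64_t step) {
    g->step = step;
    g->current = initial + step;
    return g->current;
}

/* Third operation rule (later stages): previous key parameter + accumulated value. */
static uint64_t kpg_next(key_param_gen_t *g) {
    g->current += g->step;
    return g->current;
}

/* FNV-1a over a byte range; stand-in for the hardware "first operation rule". */
static uint64_t fnv1a_64(const void *data, size_t len, uint64_t h) {
    const unsigned char *p = data;
    for (size_t i = 0; i < len; i++) {
        h ^= p[i];
        h *= 1099511628211ULL;
    }
    return h;
}

/* First operation rule: key = F(key parameter, chip parameters). */
static uint64_t derive_key(uint64_t key_param, const chip_params_t *cp) {
    uint64_t h = 14695981039346656037ULL;
    h = fnv1a_64(&key_param, sizeof key_param, h);
    h = fnv1a_64(cp, sizeof *cp, h);   /* chip_params_t has no padding bytes */
    return h;
}

/* Zeroization the compiler cannot drop: "process the first key as invalid". */
static void secure_zero(void *p, size_t n) {
    volatile unsigned char *v = p;
    while (n--) *v++ = 0;
}

/* Key parameter that stage `stage` (0-based) receives. Used when that stage
 * must be restarted after the chain has run: the key is re-derived, never read
 * back from storage. */
static uint64_t key_param_for_stage(uint64_t initial, uint64_t step, size_t stage) {
    key_param_gen_t g;
    uint64_t kp = kpg_first(&g, initial, step);
    for (size_t i = 0; i < stage; i++) kp = kpg_next(&g);
    return kp;
}

/* Run the startup chain: one fresh key per stage, invalidated after use.
 * Keys are copied to keys_out only so a caller can inspect them. */
static size_t boot_chain(uint64_t initial, uint64_t step, const chip_params_t *cp,
                         uint64_t keys_out[NUM_STAGES]) {
    key_param_gen_t g;
    for (size_t stage = 0; stage < NUM_STAGES; stage++) {
        uint64_t kp  = (stage == 0) ? kpg_first(&g, initial, step) : kpg_next(&g);
        uint64_t key = derive_key(kp, cp);
        keys_out[stage] = key;
        /* ... decrypt this stage's encrypted file with key and start the image ... */
        secure_zero(&key, sizeof key);   /* the key is invalid once the stage has started */
    }
    return NUM_STAGES;
}

static int all_keys_distinct(const uint64_t *keys, size_t n) {
    for (size_t i = 0; i < n; i++)
        for (size_t j = i + 1; j < n; j++)
            if (keys[i] == keys[j]) return 0;
    return 1;
}

int main(void) {
    chip_params_t cp = { 1, 0xABCDEF01u, 7, 42 };   /* constructed chip parameters */
    uint64_t keys[NUM_STAGES];
    boot_chain(0x1000, 1, &cp, keys);
    for (size_t i = 0; i < NUM_STAGES; i++)
        printf("stage %zu key: %016" PRIx64 "\n", i + 1, keys[i]);
    return 0;
}
```

Every step of FNV-1a (xor with a byte, then multiply by an odd constant) is a bijection on the 64-bit state, so two equal-length inputs that differ anywhere yield different outputs: the stage keys are guaranteed distinct, and changing any chip parameter changes every key, which is what ties an image to its stage and to this chip. No key survives its stage; a restart re-derives the stage's key parameter from the initial value rather than reading a stored key.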
  • the steps of the method or algorithm described in the embodiments of the present application may be directly embedded in hardware, a software unit executed by a processor, or a combination of both.
  • the software unit may be stored in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, registers, hard disk, removable disk, CD-ROM or any other storage medium in the art.
  • the storage medium can be connected to the processor, so that the processor can read information from the storage medium, and can write information to the storage medium.
  • the storage medium can also be integrated into the processor.
  • the processor and the storage medium can be set in the ASIC, and the ASIC can be set in the terminal device.
  • the processor and the storage medium may also be disposed in different components in the terminal device.

Abstract

The present application relates to a chip secure startup method and a chip. The chip includes a key generation module and a processing module; the key generation module is configured to generate a first key corresponding to a first startup phase; the first startup phase is any one of a plurality of startup phases of the chip; the first key is different from a key corresponding to a second startup phase, and the second startup phase is a startup phase other than the first startup phase among the plurality of startup phases; the processing module is configured, in the first startup phase, to decrypt a first encrypted file according to the first key to obtain a first image file, and to start the first image file; the first encrypted file is encrypted using the first key. According to the chip proposed in embodiments of the present application, during a chip startup process a key can be generated in real time and does not need to be stored in advance, thereby preventing leakage of the key; furthermore, the startup phases no longer all use the same key for decryption, which improves the security of chip startup.
PCT/CN2021/100403 2021-06-16 2021-06-16 Chip secure startup method and chip WO2022261865A1 (fr)

Priority Applications (2)

Application Number Priority Date Filing Date Title
PCT/CN2021/100403 WO2022261865A1 (fr) 2021-06-16 2021-06-16 Chip secure startup method and chip
CN202180099358.2A CN117480503A (zh) 2021-06-16 2021-06-16 Chip secure startup method and chip

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2021/100403 WO2022261865A1 (fr) 2021-06-16 2021-06-16 Chip secure startup method and chip

Publications (1)

Publication Number Publication Date
WO2022261865A1 true WO2022261865A1 (fr) 2022-12-22

Family

ID=84526823

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2021/100403 WO2022261865A1 (fr) 2021-06-16 2021-06-16 Chip secure startup method and chip

Country Status (2)

Country Link
CN (1) CN117480503A (fr)
WO (1) WO2022261865A1 (fr)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101578609A (zh) * 2007-01-07 2009-11-11 苹果公司 Secure booting a computing device
CN106934289A (zh) * 2015-12-30 2017-07-07 北京展讯高科通信技术有限公司 Method for verifying and forming a signed image
CN110100245A (zh) * 2016-11-03 2019-08-06 微安科技有限公司 Secure boot method using a signed public key
US20200089889A1 (en) * 2018-09-19 2020-03-19 SK Hynix Inc. Memory system and operation method thereof

Also Published As

Publication number Publication date
CN117480503A (zh) 2024-01-30

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 21945452

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE