WO2024113724A1 - Data transmission method, device, and storage medium - Google Patents

Publication number
WO2024113724A1
Authority
WO
WIPO (PCT)
Prior art keywords
data
key
hard disk
certificate
signature
Application number
PCT/CN2023/096611
Inventor
崔佳宁
尹作刚
张琪
Original Assignee
苏州元脑智能科技有限公司
Application filed by 苏州元脑智能科技有限公司

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816 Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/0838 Key agreement, i.e. key establishment technique in which a shared key is derived by parties as a function of information contributed by, or associated with, each of these
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60 Protecting data
    • G06F21/64 Protecting data integrity, e.g. using checksums, certificates or signatures
    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
    • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/08 Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823 Network architectures or network communication protocols for network security for authentication of entities using certificates
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements
    • H04L9/3268 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements using certificate validation, registration, distribution or revocation, e.g. certificate revocation list [CRL]

Definitions

  • the present application relates to the field of storage, and in particular to a data transmission method, device and storage medium.
  • solid-state drives are widely used to record data due to their advantages such as low latency, high performance, and low power consumption.
  • a large amount of data needs to be collected quickly for subsequent analysis or training.
  • the data may need to be remotely transmitted to the server through the network for analysis and modeling.
  • In order to prevent data from being stolen or modified by attackers during network transmission, the data needs to be encrypted.
  • the generally adopted solution is to read the solid-state drive data on the host, and then the two parties negotiate the key and encrypt the data using the negotiated key.
  • this solution depends on the host environment and requires the host to be trustworthy, otherwise it will still lead to data leakage.
  • the embodiment of the present application proposes a data transmission method according to the first aspect of the present application, comprising the following steps:
  • the data sending hard disk and the data receiving hard disk use the digital certificate to negotiate identity information and temporary key, and generate the same symmetric key based on the negotiated identity information and temporary key;
  • the data sending hard disk uses the symmetric key to encrypt the data to be transmitted and sends it to the data receiving hard disk;
  • the data receiving hard disk uses the symmetric key to decrypt the received data to be transmitted.
  • it also includes:
  • the signature public-private key pair and the encryption public-private key pair are pre-generated
  • the signature private key corresponding to the signature certificate in the signature public-private key pair, the signature certificate, the encryption private key corresponding to the encryption certificate in the encryption public-private key pair, the encryption certificate, and the public key certificate corresponding to the preset private key are saved to the preset storage location.
  • the data sending hard disk and the data receiving hard disk use digital certificates to negotiate identity information and temporary keys, and generate the same symmetric key based on the negotiated identity information and temporary keys, further comprising:
  • the data receiving hard disk receives the preset command, reads the first signature certificate and the first encryption certificate, and sends them to the data sending hard disk;
  • the legitimacy of the first signature certificate and the first encryption certificate is verified using the public key certificate in the data sending hard disk.
  • it also includes:
  • in response to the verification being passed, the data sending hard disk generates a second temporary key, and encrypts the second temporary key using the received first encryption certificate;
  • the second identity information of the hard disk is sent;
  • the encrypted second temporary key, the encrypted second identity information, the second signature certificate and the second encryption certificate are signed using the signature private key of the data sending hard disk to obtain second signature data, and sent to the data receiving hard disk.
  • it also includes:
  • the second signature certificate is used to verify whether the second signature data is complete.
  • it also includes:
  • the data receiving hard disk uses the first encryption private key corresponding to the first encryption certificate to decrypt the encrypted second temporary key to obtain the second temporary key;
  • the encrypted second identity identification information is decrypted using the second temporary key to obtain the second identity identification information.
  • it also includes:
  • the data receiving hard disk generates a first temporary key, and encrypts the first temporary key using the received second encryption certificate;
  • the encrypted first temporary key and the encrypted first identity identification information are signed using the signature private key of the data receiving hard disk to obtain first signature data, and the first signature data is sent to the data sending hard disk.
  • it also includes:
  • the hard disk uses the first signature certificate to verify the integrity of the first signature data.
  • it also includes:
  • the data sending hard disk uses the second encryption private key corresponding to the second encryption certificate to decrypt the encrypted first temporary key to obtain the first temporary key;
  • the encrypted first identity identification information is decrypted using the first temporary key to obtain the first identity identification information.
  • it also includes:
  • the data receiving hard disk and the data sending hard disk generate a symmetric key and an authentication key using the first temporary key, the first identity identification information, the second temporary key, and the second identity identification information respectively.
  • it also includes:
  • the data sending hard disk calculates the second verification data using the first formula, encrypts the second verification data using the symmetric key, and the encrypted second verification data is sent to the data receiving hard disk, wherein the first formula is:
  • K is the authentication key
  • M1 is the second temporary key
  • opad and ipad are different constants
  • H represents hash operation
  • ' represents data concatenation.
  • it also includes:
  • the data receiving hard disk calculates the first verification data using the first formula, decrypts the received encrypted second verification data using the symmetric key, and compares the first verification data with the second verification data.
  • it also includes:
  • the data receiving hard disk calculates the first verification data using the second formula, encrypts the first verification data using the symmetric key, and sends the encrypted first verification data to the data sending hard disk, wherein the second formula is:
  • K is the authentication key
  • M2 is the first temporary key
  • opad and ipad are different constants
  • H represents hash operation
  • ' represents data concatenation.
  • it also includes:
  • the data sending hard disk calculates the second verification data using the second formula, decrypts the received encrypted first verification data using the symmetric key, and compares the first verification data with the second verification data.
  • the data sending hard disk encrypts the data to be transmitted using a symmetric key and sends the encrypted data to the data receiving hard disk, further comprising:
  • the encrypted data to be transmitted and the hash value are sent to the data receiving hard disk.
  • the data receiving hard disk uses a symmetric key to decrypt the received data to be transmitted, further comprising:
  • the plaintext data is decrypted using the symmetric key and saved to a corresponding location based on the address and data length.
  • an embodiment of the present application further provides a computer device, including:
  • a memory storing a computer program executable on a processor, wherein the processor executes the steps of any one of the above data transmission methods when executing the program.
  • an embodiment of the present application also provides a non-transitory computer-readable storage medium, which stores a computer program.
  • When the computer program is executed by a processor, it performs the steps of any of the above data transmission methods.
  • the present application has one of the following beneficial technical effects: the solution proposed in the present application performs key negotiation and data encryption transmission between hard disks, is independent of the host environment, and ensures the flexibility and security of data transmission.
  • FIG1 is a schematic diagram of a flow chart of a data transmission method provided in an embodiment of the present application.
  • FIG2 is a schematic diagram of all data interactions during the key negotiation process in the first phase provided by an embodiment of the present application
  • FIG3 is a schematic diagram of part of the data interaction in the key negotiation process in the first stage provided by an embodiment of the present application;
  • FIG4 is a schematic diagram of another part of data interaction in the key negotiation process in the first stage provided by an embodiment of the present application.
  • FIG5 is a schematic diagram of another part of data interaction in the key negotiation process in the first stage provided by an embodiment of the present application.
  • FIG6 is a schematic diagram of a universal load head defined in an embodiment of the present application.
  • FIG7 is a schematic diagram of header information provided by an embodiment of the present application.
  • FIG8 is a schematic diagram of the structure of a computer device provided in an embodiment of the present application.
  • FIG. 9 is a schematic diagram of the structure of a non-transitory computer-readable storage medium provided in an embodiment of the present application.
  • Asymmetric_Encrypt(msg,pub_key) uses the public key pub_key of the asymmetric key pair to encrypt the message msg using an asymmetric algorithm.
  • the asymmetric algorithm may be SM2 or RSA, etc.
  • Asymmetric_Sign(msg, priv_key) Use the private key priv_key of the asymmetric key pair to digitally sign the message msg.
  • the signature algorithm can be SM2 or RSA, etc.
  • Symmetric_Encrypt(msg, key) Use the symmetric key key to encrypt the message msg using a symmetric algorithm.
  • the encryption algorithm can be SM4 or 3DES, etc.
  • PRF(key, msg) Pseudo-random function.
  • HASH(msg) Use a cryptographic hash algorithm to calculate the data digest of the message msg.
  • the digest algorithm can be SM3 or SHA-256.
  • Vendor_cert Vendor certificate, a certificate issued by the vendor's private key to the vendor's public key.
  • the contents of the certificate include: vendor information, vendor public key, signature of an authority, validity period, etc.
  • the format and verification method of the certificate generally follow the X.509 international standard.
  • SSD_cert SSD certificate, a certificate issued using the manufacturer's private key to the SSD's public key.
  • the contents of the certificate include: manufacturer information, SSD public key, signature and validity period of the authority, etc.
  • the format and verification method of the certificate generally follow the X.509 international standard.
  • the associated public and private key pairs are used for signature verification.
  • the local SSD certificate is represented as SSD_cert_sig_local
  • the SSD certificate on the remote server is represented as SSD_cert_sig_server.
  • the associated public and private key pairs are used for encryption and decryption operations.
  • the local SSD certificate is represented as SSD_cert_enc_local
  • the SSD certificate on the remote server is represented as SSD_cert_enc_server.
  • HMAC It is the abbreviation of Hash-based Message Authentication Code.
  • the H in HMAC refers to the Hash algorithm.
  • HMAC can use a variety of one-way hashing formulas, such as SHA-1. Where 'K' represents the key, 'M' represents the message, Indicates XOR operation, 'H' indicates hash operation, '
  • an embodiment of the present application proposes a data transmission method, as shown in FIG1 , which may include the steps of:
  • the data sending hard disk and the data receiving hard disk use digital certificates to negotiate identity information and temporary keys, and generate the same symmetric key based on the negotiated identity information and temporary keys;
  • the data sending hard disk uses the symmetric key to encrypt the data to be transmitted and sends it to the data receiving hard disk;
  • the data receiving hard disk uses the symmetric key to decrypt the received data to be transmitted.
  • the solution proposed in this application performs key negotiation and data encryption transmission between hard disks, which is independent of the host environment, thereby making data transmission more flexible and secure.
  • data transmission between hard disks designed in the present application can be divided into two stages.
  • the first stage is key exchange
  • the second stage is the use of key encryption to protect the transmitted data.
  • the communicating parties use digital certificates to protect the exchanged data.
  • the same symmetric key is calculated based on the exchanged data according to the agreed algorithm to protect the data transmission process in the second phase. If the attacker cannot obtain the manufacturer's private key, he cannot generate a legitimate digital certificate. Even if the attacker intercepts the transmitted SSD digital certificate, he cannot obtain the private key stored in the SSD, nor can he use the private key to decrypt data or sign data, which ensures the security of the key negotiation process.
  • the host sends the address and length of the data to be read to the SSD.
  • the SSD uses the symmetric key obtained in the first stage to calculate the hash value of the data, encrypts it with the symmetric key, and returns it to the host.
  • the host transmits the data remotely to the server through the network.
  • the SSD on the server will use the symmetric key obtained in the first stage to decrypt the data, verify the hash value, and save the data.
  • it also includes:
  • the signature public-private key pair and the encryption public-private key pair are pre-generated
  • the signature private key corresponding to the signature certificate in the signature public-private key pair, the signature certificate, the encryption private key corresponding to the encryption certificate in the encryption public-private key pair, the encryption certificate, and the public key certificate corresponding to the preset private key are saved to the preset storage location.
  • the manufacturer sends a private command to the SSD to make the SSD generate two pairs of public and private key pairs.
  • the SSD saves the private key in the non-volatile flash and returns the public key to the host.
  • the host uses the manufacturer's private key to sign the SSD's public key, and generates the SSD_cert_sig signature certificate and SSD_cert_enc encryption certificate of the SSD respectively, and sends them together with the manufacturer's public key certificate Vendor_cert to the SSD.
  • the SSD saves the Vendor_cert, SSD_cert_sig signature certificate and SSD_cert_enc encryption certificate in the non-volatile flash.
  • Of the two pairs of public and private keys, one pair is used to sign and verify the transmitted data during the key negotiation phase, to ensure the integrity of the data and the identity of the data source: the private key signs and the public key verifies the signature.
  • The other pair of public and private keys is used for encryption and decryption operations.
  • the generated temporary symmetric key is encrypted with the public key and decrypted with the private key.
  • the signature certificate of the data receiving hard disk is recorded as the first signature certificate
  • the encryption certificate is recorded as the first encryption certificate
  • the identity identification information is recorded as the first identity identification information
  • the signature data is recorded as the first signature data
  • the temporary key is recorded as the first temporary key
  • the signature certificate of the data sending hard disk is recorded as the second signature certificate
  • the encryption certificate is recorded as the second encryption certificate
  • the identity identification information is recorded as the second identity identification information
  • the signature data is recorded as the second signature data
  • the temporary key is recorded as the second temporary key.
  • the data sending hard disk and the data receiving hard disk use digital certificates to negotiate identity information and temporary keys, and generate the same symmetric key based on the negotiated identity information and temporary keys, further comprising:
  • the data receiving hard disk receives the preset command, reads the first signature certificate and the first encryption certificate, and sends them to the data sending hard disk;
  • the legitimacy of the first signature certificate and the first encryption certificate is verified using the public key certificate in the data sending hard disk.
  • it also includes:
  • in response to the verification being passed, the data sending hard disk generates a second temporary key, and encrypts the second temporary key using the received first encryption certificate;
  • the second identity information of the hard disk is sent;
  • the encrypted second temporary key, the encrypted second identity information, the second signature certificate and the second encryption certificate are signed using the signature private key of the data sending hard disk to obtain second signature data, and sent to the data receiving hard disk.
  • it also includes:
  • the second signature certificate is used to verify whether the second signature data is complete.
  • it also includes:
  • the data receiving hard disk uses the first encryption private key corresponding to the first encryption certificate to decrypt the encrypted second temporary key to obtain the second temporary key;
  • the encrypted second identity identification information is decrypted using the second temporary key to obtain the second identity identification information.
  • it also includes:
  • the data receiving hard disk generates a first temporary key, and encrypts the first temporary key using the received second encryption certificate;
  • the encrypted first temporary key and the encrypted first identity identification information are signed using the signature private key of the data receiving hard disk to obtain first signature data, and the first signature data is sent to the data sending hard disk.
  • it also includes:
  • the hard disk uses the first signature certificate to verify the integrity of the first signature data.
  • it also includes:
  • the data sending hard disk uses the second encryption private key corresponding to the second encryption certificate to decrypt the encrypted first temporary key to obtain the first temporary key;
  • the encrypted first identity identification information is decrypted using the first temporary key to obtain the first identity identification information.
  • it also includes:
  • the data receiving hard disk and the data sending hard disk generate a symmetric key and an authentication key using the first temporary key, the first identity identification information, the second temporary key, and the second identity identification information respectively.
  • it also includes:
  • the data sending hard disk calculates the second verification data using the first formula, encrypts the second verification data using the symmetric key, and the encrypted second verification data is sent to the data receiving hard disk, wherein the first formula is:
  • K is the authentication key
  • M1 is the second temporary key
  • opad and ipad are different constants
  • H represents hash operation
  • ' represents data concatenation.
  • it also includes:
  • the data receiving hard disk calculates the first verification data using the first formula, decrypts the received encrypted second verification data using the symmetric key, and compares the first verification data with the second verification data.
  • it also includes:
  • the data receiving hard disk calculates the first verification data using the second formula, encrypts the first verification data using the symmetric key, and sends the encrypted first verification data to the data sending hard disk, wherein the second formula is:
  • K is the authentication key
  • M2 is the first temporary key
  • opad and ipad are different constants
  • H represents hash operation
  • ' represents data concatenation.
  • it also includes:
  • the data sending hard disk calculates the second verification data using the second formula, decrypts the received encrypted first verification data using the symmetric key, and compares the first verification data with the second verification data.
  • the data sending hard disk encrypts the data to be transmitted using a symmetric key and sends the encrypted data to the data receiving hard disk, further comprising:
  • the encrypted data to be transmitted and the hash value are sent to the data receiving hard disk.
  • the data receiving hard disk uses a symmetric key to decrypt the received data to be transmitted, further comprising:
  • the plaintext data is decrypted using the symmetric key and saved to a corresponding location based on the address and data length.
  • the following describes in detail the data transmission method proposed in the present application by taking the local hard disk as the data sending hard disk and the remote server hard disk as the data receiving hard disk as an example.
  • the local host sends a custom negotiation key start command to the remote server through the IP address of the remote server and the pre-agreed port number.
  • the remote server uses the port number to determine that this is an application instruction for negotiating keys and secure data transmission, and sends a private command to the SSD where the data is to be stored, to read that SSD's signature certificate SSD_cert_sig_server and encryption certificate SSD_cert_enc_server.
  • the SSD assembles and returns the signature certificate payload sig_cert_server_payload and the encryption certificate payload enc_cert_server_payload (multiple types of data are transmitted during the data interaction process, referred to as payloads here), which are then sent to the local host.
  • After receiving the data, the local host sends it to the local SSD.
  • the SSD determines that it has received the certificate payload and uses the manufacturer's public key in the manufacturer's certificate Vendor_cert stored in the non-volatile flash before leaving the factory to verify the legitimacy of the two certificates. If successful, continue with subsequent operations. If certificate verification fails, stop subsequent negotiations and return an error status.
  • After the local SSD successfully verifies the certificate of the server-side SSD, it generates a temporary symmetric key Sk_local, uses the public key pub_server in the server-side SSD's encryption certificate SSD_cert_enc_server to encrypt the symmetric key Sk_local, and obtains the symmetric key payload Sk_local_payload.
  • the symmetric key Sk_local is used to encrypt the SSD's own identity information (such as serial number and other information representing the identity) to obtain the identity information payload ID_local_payload.
  • the local SSD's own SSD_cert_sig_local signature certificate and SSD_cert_enc_local encryption certificate are used to organize the signature certificate payload sig_cert_local_payload and the encrypted certificate payload enc_cert_local_payload.
  • the local SSD's signature private key sig_priv_local is used to calculate the signature data sig_local for Sk_local_payload, ID_local_payload, and enc_cert_local_payload (the calculation formula is as follows), and the signature payload sig_payload_local is organized.
  • the local SSD sends the above organized payload data to the local host, and the local host sends it to the remote server.
  • sig_local Asymmetric_Sign(Sk_local_payload
  • After receiving the data, the remote server sends it to the server-side SSD.
  • After receiving the data, the server-side SSD first uses the manufacturer's public key in the manufacturer certificate Vendor_cert stored in the non-volatile flash before leaving the factory to verify the legitimacy of the two certificates in sig_cert_local_payload and enc_cert_local_payload. If the certificates are legitimate, the signature data sig_local of the signature payload sig_payload_local is verified using the local SSD signature public key in the signature certificate payload sig_cert_local_payload and the transmitted payload data. If the signature data verification is successful, it means that the data transmission is complete and legal. The attacker cannot obtain the manufacturer's private key and cannot modify the certificate payload, otherwise the certificate verification will fail. The attacker also cannot obtain the private key of the local SSD. If the transmitted data is modified, verification of the signature payload sig_payload_local will fail.
  • the server-side SSD uses its own encryption and decryption private key to decrypt the symmetric key payload Sk_local_payload to obtain the temporary symmetric key Sk_local of the local SSD (because the local SSD uses the encryption public key of the server-side SSD when encrypting Sk_local), and then uses Sk_local to decrypt the identity information payload ID_local_payload to obtain the identity information ID_local of the local SSD.
  • the server-side SSD generates a temporary symmetric key Sk_server, and uses the public key pub_local in the SSD_cert_enc_local certificate of the local SSD to encrypt the symmetric key Sk_server, and obtains the symmetric key payload Sk_server_payload.
  • the symmetric key Sk_server is used to encrypt the SSD's own identity information ID_server (such as serial number and other information representing identity) to obtain the identity information payload ID_server_payload.
  • the signature private key sig_priv_server of the server-side SSD is used to calculate the signature data sig_server (the calculation formula is as follows) for Sk_server_payload, ID_server_payload, and enc_cert_server_payload (which have been transmitted to the local SSD in message 3), and obtain the signature payload sig_payload_server.
  • the server-side SSD sends the payload data organized above to the server, and the server sends it to the local host.
  • sig_server Asymmetric_Sign(Sk_server_payload
  • the server-side SSD now knows Sk_local, Sk_server, ID_local, and ID_server, and uses the following algorithm to calculate the key seed keyseed. It then uses the keyseed to calculate the encryption key key_enc used to encrypt data in the second stage and the authentication key key_auth used to verify message integrity and data source identity.
  • keyseed PRF (HASH (Sk_local
  • key_enc PRF(keyseed, ID_local
  • key_auth PRF(key_enc, ID_local
  • After receiving the data, the local host sends it to the local SSD. After receiving the data, the local SSD uses the server-side SSD signature public key in the server-side signature certificate payload sig_cert_server_payload received in message 3 and the transmitted payload data to verify the signature data of the signature payload sig_payload_server. If the signature data verification is successful, it means that the transmitted data is complete and legitimate.
  • the local SSD uses its own encryption and decryption private key to decrypt the symmetric key payload Sk_server_payload to obtain the temporary symmetric key Sk_server of the server-side SSD, and then uses Sk_server to decrypt the identity information payload ID_server_payload to obtain the identity information ID_server of the server-side SSD.
  • the local SSD now knows Sk_local, Sk_server, ID_local, and ID_server, and uses the following algorithm to calculate the key seed keyseed, and then uses keyseed to calculate the encryption key key_enc used to encrypt data in the second stage and the authentication key key_auth used to verify message integrity and data source identity.
  • keyseed PRF(HASH(Sk_local
  • key_enc PRF(keyseed,ID_local
  • key_auth PRF(key_enc, ID_local
  • the local and server SSDs have already calculated the same key through the exchanged data and the agreed algorithm.
  • the local SSD uses the following formula to calculate hash_local:
  • K is key_auth
  • M1 is Sk_local
  • opad and ipad are different constants
  • It is an XOR operation
  • H represents hash operation
  • '|' represents data concatenation.
  • the encryption key key_enc calculated locally is then used to encrypt hash_local, and the resulting encrypted hash data payload enc_hash_local_payload is sent to the remote server via the local host.
  • After receiving the data, the server sends it to the server-side SSD.
  • the server-side SSD uses the encryption key key_enc calculated by the server to decrypt the payload data and uses the same formula as above to verify whether hash_local is correct. If hash_local verification succeeds, the server-side SSD uses the following formula to calculate hash_server:
  • K is key_auth
  • M2 is Sk_server
  • After receiving the data, the local host sends it to the local SSD.
  • the local SSD decrypts and verifies the hash_server. If the verification is successful, it means that both parties have calculated the same encryption key key_enc and authentication key key_auth through the previous interaction process, and can proceed to the second stage of data transmission.
  • in order to distinguish each payload, a general payload header can be defined.
  • Current payload: the length of this field is 1 byte, and it identifies the type of this payload. The payload type determines which operations to apply to the current data.
  • Next payload: the length of this field is 1 byte, and it identifies the type of the next payload after this payload. If the current payload is the last one, this field is set to 0.
  • Payload length: the length of this field is 2 bytes, and the length value is in bytes.
  • the calculation range includes the entire payload including the general payload header.
  • After receiving the data, the remote server sends it to the server-side SSD.
  • the server-side SSD first uses the authentication key key_auth to verify the hash value at the end of the data. If the hash value verification is successful, it means that the data is complete and has not been tampered with. The encryption key key_enc is then used to decrypt the data into plaintext, which is saved to the non-volatile flash according to the address and data length. If the hash value verification fails, the SSD replies to the server that the verification failed, and the server informs the local host.
  • the validity period of the key depends on the actual usage.
  • the key may become invalid after sending and receiving a batch of data. If a new batch of data is to be transmitted, it needs to be renegotiated.
  • the solution proposed in this application performs key negotiation and data encryption transmission between hard disks, which is independent of the host environment, thus ensuring the flexibility and security of data transmission. That is, key negotiation is performed between solid-state drives, and the host does not need to install any relevant security certificates, and does not need to rely too much on whether the local system environment is trustworthy. There is no need to worry about the local host being invaded to obtain the plaintext data of the solid-state drive or obtain key information. It only needs to send private commands to the solid-state hardware in the local system environment, and transmit the obtained data remotely to the server via the network. Each time a data transmission is applied, a key negotiation is first performed between the solid-state drives, and the transmitted data is encrypted using the negotiated key, and a hash value is calculated to ensure the security and integrity of data transmission.
  • an embodiment of the present application further provides a computer device 501, including:
  • the memory 510 stores a computer program 511 that can be run on the processor.
  • when the processor 520 executes the program, the steps of any of the above data transmission methods are performed.
  • an embodiment of the present application also provides a non-transitory computer-readable storage medium 601, which stores a computer program 610.
  • when the computer program 610 is executed by a processor, it performs the steps of any of the above data transmission methods.
  • non-transitory computer-readable storage medium eg, memory
  • the non-transitory computer-readable storage medium is a non-volatile memory.
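A parser for the general payload header described above (1-byte current type, 1-byte next type, 2-byte length that counts the header itself), written as an added example rather than code from the application. The big-endian length, the numeric type codes and the treatment of type 0 as reserved are assumptions; the page does not specify them.

```python
import struct
from dataclasses import dataclass

# current payload (1 byte), next payload (1 byte), payload length (2 bytes).
# Byte order is an assumption of this example.
HEADER = struct.Struct(">BBH")
LAST = 0  # "next payload" value that marks the last payload in a message

# Hypothetical type codes; the page names the payloads but gives no numbers.
SK, ID, ENC_CERT, SIG = 1, 2, 3, 4


class PayloadError(ValueError):
    """Raised when a payload chain is malformed."""


@dataclass
class Payload:
    ptype: int
    body: bytes


def build_chain(items):
    """Serialize [(type, body), ...]; each length field covers header + body."""
    out = bytearray()
    for i, (ptype, body) in enumerate(items):
        nxt = items[i + 1][0] if i + 1 < len(items) else LAST
        out += HEADER.pack(ptype, nxt, HEADER.size + len(body)) + body
    return bytes(out)


def parse_chain(buf):
    """Walk the chain, rejecting anything that does not add up exactly."""
    payloads = []
    offset = 0
    expected = None  # type announced by the previous header's "next" field
    while True:
        if len(buf) - offset < HEADER.size:
            raise PayloadError(f"truncated header at offset {offset}")
        ptype, nxt, length = HEADER.unpack_from(buf, offset)
        if ptype == LAST:
            # 0 means "no next payload", so it cannot also be a real type.
            raise PayloadError("payload type 0 is reserved")
        if length < HEADER.size:
            raise PayloadError("length smaller than the header itself")
        if offset + length > len(buf):
            raise PayloadError("length runs past the end of the message")
        if expected is not None and ptype != expected:
            raise PayloadError("type does not match the previous 'next' field")
        payloads.append(Payload(ptype, buf[offset + HEADER.size:offset + length]))
        offset += length
        if nxt == LAST:
            break
        expected = nxt
    if offset != len(buf):
        raise PayloadError("trailing bytes after the last payload")
    return payloads


if __name__ == "__main__":
    # Constructed sample message: three payloads with made-up contents.
    sample = build_chain([(SK, b"\x01" * 16), (ID, b"SN-0001"), (SIG, b"\xaa" * 8)])
    for p in parse_chain(sample):
        print(p.ptype, p.body.hex())
```

Checking the length against both the header size and the remaining buffer before slicing is what keeps a forged length field from steering the device past the end of the received message.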

Abstract

The present application relates to the field of storage, and discloses a data transmission method comprising the following steps: a data sending hard disk and a data receiving hard disk perform identity information negotiation and temporary key negotiation by using digital certificates, and generate the same symmetric key on the basis of the negotiated identity information and temporary keys; the data sending hard disk encrypts, by using the symmetric key, the data to be transmitted and sends it to the data receiving hard disk; and the data receiving hard disk decrypts, by using the symmetric key, the received data. The present application further discloses a computer device and a non-transitory computer-readable storage medium. According to the solution provided by the present application, key negotiation and encrypted data transmission are performed between hard disks without depending on a host environment, thus ensuring the flexibility and security of data transmission.

Description

Data transmission method, device and storage medium
CROSS-REFERENCE TO RELATED APPLICATIONS
This application claims priority to the Chinese patent application filed with the China Patent Office on November 30, 2022, with application number 202211513285.X and titled "A data transmission method, device and storage medium", the entire contents of which are incorporated by reference in this application.
Technical Field
The present application relates to the field of storage, and in particular to a data transmission method, device and storage medium.
Background
At present, solid-state drives are widely used to record data because of their low latency, high performance and low power consumption. For example, in settings such as artificial intelligence and environmental monitoring, a large amount of data needs to be collected quickly for subsequent analysis or training, but because of the limits of the local environment the data may need to be transmitted over the network to a remote server for analysis and modeling. To prevent the data from being stolen or modified by attackers during network transmission, the data needs to be encrypted. The usual approach is to read the solid-state drive data on the host, have the two parties negotiate a key, and transmit the data encrypted with the negotiated key. However, this approach depends on the host environment and requires the host to be trustworthy; otherwise the data can still be leaked.
Summary of the Invention
In view of this, in order to overcome at least one aspect of the above problems, an embodiment of the present application proposes, according to a first aspect of the present application, a data transmission method comprising the following steps:
the data sending hard disk and the data receiving hard disk use digital certificates to negotiate identity information and temporary keys, and generate the same symmetric key based on the negotiated identity information and temporary keys;
the data sending hard disk uses the symmetric key to encrypt the data to be transmitted and sends it to the data receiving hard disk;
the data receiving hard disk uses the symmetric key to decrypt the received data.
In some embodiments, the method further includes:
before the data sending hard disk and the data receiving hard disk leave the factory, each of them pre-generates a signature public-private key pair and an encryption public-private key pair;
the public keys in the signature public-private key pair and the encryption public-private key pair are signed with a preset private key to obtain a signature certificate and an encryption certificate;
the signature private key of the signature public-private key pair that corresponds to the signature certificate, the signature certificate, the encryption private key of the encryption public-private key pair that corresponds to the encryption certificate, the encryption certificate, and the public key certificate corresponding to the preset private key are saved to a preset storage location.
In some embodiments, the step in which the data sending hard disk and the data receiving hard disk use digital certificates to negotiate identity information and temporary keys, and generate the same symmetric key based on the negotiated identity information and temporary keys, further comprises:
the data sending hard disk sends a preset command to the data receiving hard disk;
the data receiving hard disk receives the preset command, reads the first signature certificate and the first encryption certificate, and sends them to the data sending hard disk;
in response to the data sending hard disk receiving the first signature certificate and the first encryption certificate, the legitimacy of the first signature certificate and the first encryption certificate is verified using the public key certificate in the data sending hard disk.
In some embodiments, the method further includes:
in response to the verification being passed, the data sending hard disk generates a second temporary key and encrypts the second temporary key using the received first encryption certificate;
the second identity information of the data sending hard disk is encrypted using the second temporary key;
the second signature certificate and the second encryption certificate of the data sending hard disk are obtained;
the encrypted second temporary key, the encrypted second identity information, the second signature certificate and the second encryption certificate are signed using the signature private key of the data sending hard disk to obtain second signature data, which is sent to the data receiving hard disk.
In some embodiments, the method further includes:
in response to the data receiving hard disk receiving the second signature data, the legitimacy of the second signature certificate and the second encryption certificate in the second signature data is verified using the public key certificate in the data receiving hard disk;
in response to the certificates being legitimate, the second signature certificate is used to verify whether the second signature data is complete.
In some embodiments, the method further includes:
the data receiving hard disk uses the first encryption private key corresponding to the first encryption certificate to decrypt the encrypted second temporary key and obtain the second temporary key;
the encrypted second identity information is decrypted using the second temporary key to obtain the second identity information.
In some embodiments, the method further includes:
the data receiving hard disk generates a first temporary key and encrypts the first temporary key using the received second encryption certificate;
the first identity information of the data receiving hard disk is encrypted using the first temporary key;
the encrypted first temporary key and the encrypted first identity information are signed using the signature private key of the data receiving hard disk to obtain first signature data, which is sent to the data sending hard disk.
In some embodiments, the method further includes:
the data sending hard disk verifies the integrity of the first signature data using the first signature certificate.
In some embodiments, the method further includes:
the data sending hard disk uses the second encryption private key corresponding to the second encryption certificate to decrypt the encrypted first temporary key and obtain the first temporary key;
the encrypted first identity information is decrypted using the first temporary key to obtain the first identity information.
In some embodiments, the method further includes:
the data receiving hard disk and the data sending hard disk each generate a symmetric key and an authentication key using the first temporary key, the first identity information, the second temporary key and the second identity information.
In some embodiments, the method further includes:
the data sending hard disk calculates the second verification data using the first formula, encrypts the second verification data using the symmetric key, and sends the encrypted second verification data to the data receiving hard disk, where the first formula is:
where K is the authentication key, M1 is the second temporary key | the first temporary key | the second identity information | the first identity information, opad and ipad are different constants, the formula uses an XOR operation, H denotes the hash operation, and '|' denotes data concatenation.
In some embodiments, the method further includes:
the data receiving hard disk calculates the first verification data using the first formula, decrypts the received encrypted second verification data using the symmetric key, and compares the first verification data with the second verification data.
In some embodiments, the method further includes:
the data receiving hard disk calculates the first verification data using the second formula, encrypts the first verification data using the symmetric key, and sends the encrypted first verification data to the data sending hard disk, where the second formula is:
where K is the authentication key, M2 is the first temporary key | the second temporary key | the first identity information | the second identity information, opad and ipad are different constants, the formula uses an XOR operation, H denotes the hash operation, and '|' denotes data concatenation.
In some embodiments, the method further includes:
the data sending hard disk calculates the second verification data using the second formula, decrypts the received encrypted first verification data using the symmetric key, and compares the first verification data with the second verification data.
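The verification data exchanged above is an HMAC under the authentication key K over M1 or M2, where each side puts its own temporary key and identity first. The sketch below is an added example, not code from the application; it assumes SHA-256 as H, uses constructed keys and identities, gives hypothetical names to its functions, and leaves out the encryption of the tag with the symmetric key.

```python
import hashlib
import hmac

BLOCK = 64  # SHA-256 block size in bytes


def hmac_from_definition(key, msg):
    """H((K xor opad) | H((K xor ipad) | M)) per RFC 2104, with H = SHA-256."""
    if len(key) > BLOCK:
        key = hashlib.sha256(key).digest()  # long keys are hashed first
    key = key.ljust(BLOCK, b"\x00")         # then zero-padded to one block
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.sha256(ipad + msg).digest()
    return hashlib.sha256(opad + inner).digest()


def confirmation_tag(key_auth, own_sk, peer_sk, own_id, peer_id):
    """Tag a device sends: its own key | peer's key | its own ID | peer's ID."""
    message = own_sk + peer_sk + own_id + peer_id
    return hmac.new(key_auth, message, hashlib.sha256).digest()


def peer_confirmed(key_auth, received_tag, own_sk, peer_sk, own_id, peer_id):
    """Recompute the tag the peer should have sent; compare in constant time."""
    expected = confirmation_tag(key_auth, peer_sk, own_sk, peer_id, own_id)
    return hmac.compare_digest(expected, received_tag)


if __name__ == "__main__":
    # Constructed values standing in for the negotiated secrets.
    key_auth = bytes.fromhex("11" * 32)
    sk_local, sk_server = bytes(range(16)), bytes(range(16, 32))
    id_local, id_server = b"SN-LOCAL-0001", b"SN-SERVER-0001"

    # Sending (local) disk computes its tag over M1.
    hash_local = confirmation_tag(key_auth, sk_local, sk_server, id_local, id_server)
    # Receiving (server) disk checks it, then answers with a tag over M2.
    print(peer_confirmed(key_auth, hash_local, sk_server, sk_local, id_server, id_local))
    hash_server = confirmation_tag(key_auth, sk_server, sk_local, id_server, id_local)
    print(peer_confirmed(key_auth, hash_server, sk_local, sk_server, id_local, id_server))
```

Because M1 and M2 order the fields differently, a tag reflected back to the device that produced it does not verify.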
In some embodiments, the step in which the data sending hard disk encrypts the data to be transmitted using the symmetric key and sends it to the data receiving hard disk further comprises:
obtaining the data to be transmitted and encrypting it using the symmetric key;
organizing the header information and calculating the hash value of the header information using the authentication key;
sending the encrypted data to be transmitted and the hash value to the data receiving hard disk.
In some embodiments, the step in which the data receiving hard disk decrypts the received data using the symmetric key further comprises:
verifying the hash value using the authentication key;
in response to successful verification, decrypting the data to plaintext using the symmetric key and saving it to the corresponding location according to the address and data length.
Based on the same inventive concept, according to a second aspect of the present application, an embodiment of the present application further provides a computer device, including:
at least one processor; and
a memory storing a computer program executable on the processor, wherein the processor, when executing the program, performs the steps of any of the above data transmission methods.
Based on the same inventive concept, according to a third aspect of the present application, an embodiment of the present application also provides a non-transitory computer-readable storage medium storing a computer program which, when executed by a processor, performs the steps of any of the above data transmission methods.
The present application has one of the following beneficial technical effects: the solution proposed in the present application performs key negotiation and encrypted data transmission between hard disks, is independent of the host environment, and ensures the flexibility and security of data transmission.
BRIEF DESCRIPTION OF THE DRAWINGS
In order to explain the technical solutions in the embodiments of the present application or in the prior art more clearly, the drawings needed in the description of the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below are only some embodiments of the present application; a person of ordinary skill in the art can obtain other embodiments from these drawings without creative effort.
FIG. 1 is a schematic flow chart of a data transmission method provided in an embodiment of the present application;
FIG. 2 is a schematic diagram of all data interactions during the key negotiation process in the first stage provided by an embodiment of the present application;
FIG. 3 is a schematic diagram of part of the data interaction in the key negotiation process in the first stage provided by an embodiment of the present application;
FIG. 4 is a schematic diagram of another part of the data interaction in the key negotiation process in the first stage provided by an embodiment of the present application;
FIG. 5 is a schematic diagram of another part of the data interaction in the key negotiation process in the first stage provided by an embodiment of the present application;
FIG. 6 is a schematic diagram of the general payload header defined in an embodiment of the present application;
FIG. 7 is a schematic diagram of the header information provided by an embodiment of the present application;
FIG. 8 is a schematic diagram of the structure of a computer device provided in an embodiment of the present application;
FIG. 9 is a schematic diagram of the structure of a non-transitory computer-readable storage medium provided in an embodiment of the present application.
Detailed Description
In order to make the objectives, technical solutions and advantages of the present application clearer, the embodiments of the present application are described in further detail below in combination with specific embodiments and with reference to the accompanying drawings.
It should be noted that all uses of "first" and "second" in the embodiments of the present application serve to distinguish two entities or two parameters that have the same name but are not the same. "First" and "second" are used only for convenience of expression and should not be understood as limiting the embodiments of the present application; subsequent embodiments will not explain this again.
In the embodiments of the present application, Asymmetric_Encrypt(msg, pub_key): encrypts the message msg with an asymmetric algorithm using the public key pub_key of an asymmetric key pair. The asymmetric algorithm may be SM2, RSA, etc.
Asymmetric_Sign(msg, priv_key): digitally signs the message msg using the private key priv_key of an asymmetric key pair. The signature algorithm may be SM2, RSA, etc.
Symmetric_Encrypt(msg, key): encrypts the message msg with a symmetric algorithm using the symmetric key key. The encryption algorithm may be SM4, 3DES, etc.
PRF(key, msg): computes a data digest of the message msg using the key key. PRF stands for pseudo random function.
HASH(msg): computes a data digest of the message msg using a cryptographic hash algorithm. The digest algorithm may be SM3, SHA-256, etc.
Vendor_cert: the vendor certificate, a certificate issued by the vendor's private key for the vendor's public key. The contents of the certificate include the vendor's information, the vendor's public key, the signature of the authority, the validity period and so on. The format and verification method of the certificate generally follow the X.509 international standard.
SSD_cert: the SSD certificate, a certificate issued for the SSD's public key using the vendor's private key. The contents of the certificate include the vendor's information, the SSD's public key, the signature of the authority, the validity period and so on. The format and verification method of the certificate generally follow the X.509 international standard. Two kinds of certificate are used in this application. One is the signature certificate, whose associated public-private key pair is used for signing and signature verification; the local SSD's certificate is denoted SSD_cert_sig_local and the remote server-side SSD's certificate is denoted SSD_cert_sig_server. The other is the encryption and decryption certificate, whose associated public-private key pair is used for encryption and decryption operations; the local SSD's certificate is denoted SSD_cert_enc_local and the remote server-side SSD's certificate is denoted SSD_cert_enc_server.
HMAC: short for Hash-based Message Authentication Code, a keyed hash message authentication code. The H in HMAC refers to the hash algorithm; HMAC can use a variety of one-way hash functions, for example SHA-1. Here 'K' denotes the key, 'M' denotes the message, the formula uses an XOR operation, 'H' denotes the hash operation, '|' means that the data before and after it are concatenated, and opad and ipad denote different constants.
According to one aspect of the present application, an embodiment of the present application proposes a data transmission method which, as shown in FIG. 1, may include the steps of:
S1, the data sending hard disk and the data receiving hard disk use digital certificates to negotiate identity information and temporary keys, and generate the same symmetric key based on the negotiated identity information and temporary keys;
S2, the data sending hard disk uses the symmetric key to encrypt the data to be transmitted and sends it to the data receiving hard disk;
S3, the data receiving hard disk uses the symmetric key to decrypt the received data.
The solution proposed in this application performs key negotiation and encrypted data transmission between hard disks and is independent of the host environment, which makes data transmission more flexible and secure.
In some embodiments, the data transmission between hard disks designed in the present application, for example secure data transmission between a local solid-state drive and a solid-state drive on a remote server, can be divided into two stages. The first stage is key exchange, and the second stage uses the key to encrypt and protect the transmitted data.
(1) In the first stage, the communicating parties protect the exchanged data with digital certificates and compute the same symmetric key from the exchanged data according to the agreed algorithm; this key protects the data transmission in the second stage. An attacker who cannot obtain the manufacturer's private key cannot generate a legitimate digital certificate. Even if the attacker intercepts a transmitted SSD digital certificate, the attacker cannot obtain the private key stored inside the SSD, and so cannot use the private key to decrypt data or to sign data, which ensures the security of the key negotiation process.
(2) In the second stage, the host sends the SSD the address and length of the data to be read. The SSD uses the symmetric key obtained in the first stage to calculate a hash value over the data, encrypts the data with the symmetric key, and returns it to the host. The host transmits the data over the network to the remote server, and the SSD on the server uses the symmetric key obtained in the first stage to decrypt the data, verify the hash value, and save the data.
In some embodiments, the method further includes:
before the data sending hard disk and the data receiving hard disk leave the factory, each pre-generating a signature public-private key pair and an encryption public-private key pair;
signing the public key in the signature public-private key pair and the encryption public-private key pair with a preset private key to obtain a signature certificate and an encryption certificate;
saving to a preset storage location the signature private key that corresponds to the signature certificate, the signature certificate, the encryption private key that corresponds to the encryption certificate, the encryption certificate, and the public key certificate corresponding to the preset private key.
Specifically, before the SSD leaves the factory, the manufacturer sends a private command to the SSD so that the SSD generates two public-private key pairs. The SSD saves the private keys in non-volatile flash and returns the public keys to the host. The host signs the SSD's public keys with the manufacturer's private key, generating the SSD's signature certificate SSD_cert_sig and encryption certificate SSD_cert_enc, and sends them to the SSD together with the manufacturer's public key certificate Vendor_cert. The SSD saves Vendor_cert, SSD_cert_sig and SSD_cert_enc in non-volatile flash.
Of the two public-private key pairs, one is used during key negotiation to sign and verify the transmitted data, ensuring the integrity of the data and the identity of the data source: the private key signs and the public key verifies. The other pair is used for encryption and decryption: during key negotiation it encrypts and decrypts the generated temporary symmetric key, with the public key encrypting and the private key decrypting.
It should be noted that, in the embodiments of the present application, the signature certificate of the data receiving hard disk is denoted the first signature certificate, its encryption certificate the first encryption certificate, its identity information the first identity information, its signature data the first signature data, and its temporary key the first temporary key; the signature certificate of the data sending hard disk is denoted the second signature certificate, its encryption certificate the second encryption certificate, its identity information the second identity information, its signature data the second signature data, and its temporary key the second temporary key.
In some embodiments, the data sending hard disk and the data receiving hard disk using digital certificates to negotiate identity information and temporary keys, and generating the same symmetric key based on the negotiated identity information and temporary keys, further includes:
the data sending hard disk sending a preset command to the data receiving hard disk;
the data receiving hard disk receiving the preset command, reading the first signature certificate and the first encryption certificate, and sending them to the data sending hard disk;
in response to the data sending hard disk receiving the first signature certificate and the first encryption certificate, verifying the legitimacy of the first signature certificate and the first encryption certificate using the public key certificate in the data sending hard disk.
In some embodiments, the method further includes:
in response to the verification passing, the data sending hard disk generating a second temporary key and encrypting the second temporary key using the received first encryption certificate;
encrypting the second identity information of the data sending hard disk using the second temporary key;
obtaining the second signature certificate and the second encryption certificate of the data sending hard disk;
signing the encrypted second temporary key, the encrypted second identity information, the second signature certificate and the second encryption certificate with the signature private key of the data sending hard disk to obtain second signature data, and sending it to the data receiving hard disk.
In some embodiments, the method further includes:
in response to the data receiving hard disk receiving the second signature data, verifying the legitimacy of the second signature certificate and the second encryption certificate in the second signature data using the public key certificate in the data receiving hard disk;
in response to the certificates being legitimate, verifying whether the second signature data is complete using the second signature certificate.
In some embodiments, the method further includes:
the data receiving hard disk decrypting the encrypted second temporary key using the first encryption private key corresponding to the first encryption certificate to obtain the second temporary key;
decrypting the encrypted second identity information using the second temporary key to obtain the second identity information.
In some embodiments, the method further includes:
the data receiving hard disk generating a first temporary key and encrypting the first temporary key using the received second encryption certificate;
encrypting the first identity information of the data receiving hard disk using the first temporary key;
signing the encrypted first temporary key and the encrypted first identity information with the signature private key of the data receiving hard disk to obtain first signature data, and sending it to the data sending hard disk.
In some embodiments, the method further includes:
in response, the data sending hard disk verifying the integrity of the first signature data using the first signature certificate.
In some embodiments, the method further includes:
the data sending hard disk decrypting the encrypted first temporary key using the second encryption private key corresponding to the second encryption certificate to obtain the first temporary key;
decrypting the encrypted first identity information using the first temporary key to obtain the first identity information.
In some embodiments, the method further includes:
the data receiving hard disk and the data sending hard disk each generating a symmetric key and an authentication key from the first temporary key, the first identity information, the second temporary key and the second identity information.
In some embodiments, the method further includes:
the data sending hard disk calculating second verification data using a first formula, encrypting the second verification data using the symmetric key, and sending the encrypted second verification data to the data receiving hard disk, wherein the first formula is:
where K is the authentication key, M1 is the second temporary key | the first temporary key | the second identity information | the first identity information, opad and ipad are different constants, the combining operation is XOR, H denotes the hash operation, and '|' denotes data concatenation.
In some embodiments, the method further includes:
the data receiving hard disk calculating first verification data using the first formula, decrypting the received encrypted second verification data using the symmetric key, and comparing the first verification data with the second verification data.
In some embodiments, the method further includes:
the data receiving hard disk calculating first verification data using a second formula, encrypting the first verification data using the symmetric key, and sending the encrypted first verification data to the data sending hard disk, wherein the second formula is:
where K is the authentication key, M2 is the first temporary key | the second temporary key | the first identity information | the second identity information, opad and ipad are different constants, the combining operation is XOR, H denotes the hash operation, and '|' denotes data concatenation.
In some embodiments, the method further includes:
the data sending hard disk calculating second verification data using the second formula, decrypting the received encrypted first verification data using the symmetric key, and comparing the first verification data with the second verification data.
In some embodiments, the data sending hard disk encrypting the data to be transmitted using the symmetric key and sending it to the data receiving hard disk further includes:
obtaining the data to be transmitted and encrypting it using the symmetric key;
assembling header information and calculating a hash value of the header information using the authentication key;
sending the encrypted data to be transmitted and the hash value to the data receiving hard disk.
In some embodiments, the data receiving hard disk decrypting the received data using the symmetric key further includes:
verifying the hash value using the authentication key;
in response to successful verification, decrypting the plaintext data using the symmetric key and saving it to the corresponding location according to the address and data length.
The data transmission method proposed in the present application is described in detail below, taking the local hard disk as the data sending hard disk and the remote server's hard disk as the data receiving hard disk.
The data exchange during key negotiation in the first stage may be as shown in Figure 2; the exchange is analyzed below with reference to Figures 3 to 5:
(1) As shown in Figure 3, messages 1, 2 and 3 are:
a) When data on the local solid-state drive needs to be sent to the solid-state drive on the remote server, the local host sends a custom key-negotiation start command to the remote server, using the remote server's IP address and a pre-agreed port number.
b) The remote server determines from the port number that this is an application instruction for key negotiation and secure data transmission, and sends a private command to the solid-state drive that is to store the data, reading its signature certificate SSD_cert_sig_server and encryption certificate SSD_cert_enc_server. The SSD assembles and returns the signature certificate payload sig_cert_server_payload and the encryption certificate payload enc_cert_server_payload (several types of data are transmitted during the exchange; they are called payloads here), which are sent to the local host.
c) After receiving the data, the local host sends it to the local SSD. The SSD determines that it has received certificate payloads and uses the manufacturer's public key in the manufacturer certificate Vendor_cert, stored in non-volatile flash before leaving the factory, to verify the legitimacy of the two certificates. If certificate verification succeeds, subsequent operations continue; if it fails, the negotiation stops and an error status is returned.
(2) As shown in Figure 4, messages 4 and 5 are:
a) After the local SSD has successfully verified the server-side SSD's certificates, it generates a temporary symmetric key Sk_local and encrypts it with the public key pub_server from the server-side SSD's encryption certificate SSD_cert_enc_server, obtaining the symmetric key payload Sk_local_payload. It encrypts its own identity information (such as a serial number or other identifying information) with Sk_local, obtaining the identity information payload ID_local_payload. From its own signature certificate SSD_cert_sig_local and encryption certificate SSD_cert_enc_local it assembles the signature certificate payload sig_cert_local_payload and the encryption certificate payload enc_cert_local_payload. To ensure data integrity and prevent forgery, it uses its signature private key sig_priv_local to compute the signature data sig_local over Sk_local_payload, ID_local_payload and enc_cert_local_payload (formula below) and assembles the signature payload sig_payload_local. The local SSD sends the assembled payloads to the local host, which sends them to the remote server.
sig_local = Asymmetric_Sign(Sk_local_payload | ID_local_payload | enc_cert_local_payload, sig_priv_local)
b) After receiving the data, the remote server sends it to the server-side SSD. The server-side SSD first uses the manufacturer's public key in the manufacturer certificate Vendor_cert, stored in non-volatile flash before leaving the factory, to verify the legitimacy of the two certificates in sig_cert_local_payload and enc_cert_local_payload. If the certificates are legitimate, it uses the local SSD's signature public key from sig_cert_local_payload, together with the transmitted payload data, to verify the signature data sig_local in the signature payload sig_payload_local; successful verification indicates that the transmitted data is complete and legitimate. An attacker cannot obtain the manufacturer's private key and so cannot modify the certificate payloads without certificate verification failing. An attacker also cannot obtain the local SSD's private key, so if the transmitted data is modified, verification of the signature payload sig_payload_local fails.
c) The server-side SSD uses its own encryption private key to decrypt the symmetric key payload Sk_local_payload and obtain the local SSD's temporary symmetric key Sk_local (because the local SSD encrypted Sk_local with the server-side SSD's encryption public key), then uses Sk_local to decrypt the identity information payload ID_local_payload and obtain the local SSD's identity information ID_local.
d) The server-side SSD generates a temporary symmetric key Sk_server and encrypts it with the public key pub_local from the local SSD's certificate SSD_cert_enc_local, obtaining the symmetric key payload Sk_server_payload. It encrypts its own identity information ID_server (such as a serial number or other identifying information) with Sk_server, obtaining the identity information payload ID_server_payload. To ensure data integrity and prevent forgery, it uses its signature private key sig_priv_server to compute the signature data sig_server over Sk_server_payload, ID_server_payload and enc_cert_server_payload (already transmitted to the local SSD in message 3), using the formula below, and obtains the signature payload sig_payload_server. The server-side SSD sends the assembled payloads to the server, which sends them to the local host.
sig_server = Asymmetric_Sign(Sk_server_payload | ID_server_payload | enc_cert_server_payload, sig_priv_server)
e) The server-side SSD now knows Sk_local, Sk_server, ID_local and ID_server. It computes the key seed keyseed with the algorithm below, then uses keyseed to compute the encryption key key_enc used to encrypt data in the second stage and the authentication key key_auth used to verify message integrity and data source identity.
keyseed = PRF(HASH(Sk_local | Sk_server), ID_local | ID_server)
key_enc = PRF(keyseed, ID_local | ID_server | 0)
key_auth = PRF(key_enc, ID_local | ID_server | 1)
The values 0 and 1 in the formulas above prevent the computed key_enc and key_auth from being identical.
f) After receiving the data, the local host sends it to the local SSD. The local SSD uses the server-side SSD's signature public key from the signature certificate payload sig_cert_server_payload received in message 3, together with the transmitted payload data, to verify the signature data in the signature payload sig_payload_server; successful verification indicates that the transmitted data is complete and legitimate.
g) The local SSD uses its own encryption private key to decrypt the symmetric key payload Sk_server_payload and obtain the server-side SSD's temporary symmetric key Sk_server, then uses Sk_server to decrypt the identity information payload ID_server_payload and obtain the server-side SSD's identity information ID_server.
h) The local SSD now also knows Sk_local, Sk_server, ID_local and ID_server. It computes the key seed keyseed with the algorithm below, then uses keyseed to compute the encryption key key_enc used to encrypt data in the second stage and the authentication key key_auth used to verify message integrity and data source identity.
keyseed = PRF(HASH(Sk_local | Sk_server), ID_local | ID_server)
key_enc = PRF(keyseed, ID_local | ID_server | 0)
key_auth = PRF(key_enc, ID_local | ID_server | 1)
(3) As shown in Figure 5, messages 6 and 7 are:
a) At this point the local and server-side SSDs have both computed the same keys from the exchanged data and the agreed algorithm. To authenticate the preceding exchange and verify that both sides computed the keys correctly, the local SSD computes hash_local using the following formula:
where K is key_auth, M1 is Sk_local | Sk_server | ID_local | ID_server, opad and ipad are different constants, the combining operation is XOR, H denotes the hash operation, and '|' denotes data concatenation.
The local SSD then encrypts hash_local with the encryption key key_enc it computed, and the resulting encrypted hash payload enc_hash_local_payload is sent to the remote server through the local host.
b) After receiving the data, the server sends it to the server-side SSD. The server-side SSD decrypts the payload with the encryption key key_enc it computed and uses the same formula as above to verify that hash_local is correct. If hash_local verifies successfully, the server-side SSD computes hash_server using the following formula:
where K is key_auth and M2 is Sk_server | Sk_local | ID_server | ID_local.
It should be noted that the local-side and server-side SSD data appear in a different order in the two messages hashed here, so the hash values differ.
The server-side SSD then encrypts hash_server with the key_enc it computed, and the resulting encrypted hash payload enc_hash_server_payload is sent to the local host through the server.
c) After receiving the data, the local host sends it to the local SSD, which decrypts it and verifies hash_server. Successful verification means that both sides have computed the same encryption key key_enc and authentication key key_auth through the preceding exchange, and the second-stage data transmission can begin.
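The key derivation of steps e) and h) and the confirmation check of messages 6 and 7, as an added example that is not part of the patent text. Assumptions: PRF and the confirmation hash are both HMAC-SHA256 (the patent names no algorithm, and its K/ipad/opad/XOR/H description is read here as the standard HMAC construction), '|' is implemented with length-prefixed fields, and all keys and IDs are constructed sample values. The encryption of the tags with key_enc before sending is left out.

```python
import hashlib
import hmac

# Constructed sample values; real Sk_* are fresh random keys per negotiation.
SK_LOCAL = bytes(range(32))
SK_SERVER = bytes(range(32, 64))
ID_LOCAL = b"SSD-LOCAL-0001"
ID_SERVER = b"SSD-SERVER-0002"


def prf(key: bytes, msg: bytes) -> bytes:
    """Assumed PRF: HMAC-SHA256 (the patent does not name one)."""
    return hmac.new(key, msg, hashlib.sha256).digest()


def cat(*fields: bytes) -> bytes:
    """The '|' operator with a 2-byte length prefix per field (an added
    hardening): with plain concatenation b"AB"|b"C" would equal b"A"|b"BC",
    so two different ID pairs could derive the same keys."""
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)


def derive_keys(sk_local, sk_server, id_local, id_server):
    """keyseed -> key_enc -> key_auth, following the three formulas above."""
    ids = cat(id_local, id_server)
    keyseed = prf(hashlib.sha256(cat(sk_local, sk_server)).digest(), ids)
    key_enc = prf(keyseed, ids + b"\x00")   # the trailing 0 of the formula
    key_auth = prf(key_enc, ids + b"\x01")  # the trailing 1 of the formula
    return key_enc, key_auth


def confirm_tag(key_auth, sender, sk_local, sk_server, id_local, id_server):
    """hash_local (sender='local', message M1) or hash_server (sender='server',
    message M2). The swapped field order makes the two tags differ, so a tag
    reflected back to its sender does not pass as the peer's tag."""
    if sender == "local":
        msg = cat(sk_local, sk_server, id_local, id_server)
    elif sender == "server":
        msg = cat(sk_server, sk_local, id_server, id_local)
    else:
        raise ValueError("sender must be 'local' or 'server'")
    return hmac.new(key_auth, msg, hashlib.sha256).digest()


def verify_tag(received, key_auth, sender, sk_local, sk_server, id_local, id_server):
    """Recompute the tag expected from `sender`; compare in constant time."""
    expected = confirm_tag(key_auth, sender, sk_local, sk_server, id_local, id_server)
    return hmac.compare_digest(expected, received)


def run_confirmation(server_view_of_sk_local=SK_LOCAL):
    """Both sides derive keys on their own, then the server checks hash_local.
    A wrong server-side view of Sk_local models a failed or tampered exchange."""
    _, auth_local = derive_keys(SK_LOCAL, SK_SERVER, ID_LOCAL, ID_SERVER)
    hash_local = confirm_tag(auth_local, "local",
                             SK_LOCAL, SK_SERVER, ID_LOCAL, ID_SERVER)
    _, auth_server = derive_keys(server_view_of_sk_local, SK_SERVER,
                                 ID_LOCAL, ID_SERVER)
    return verify_tag(hash_local, auth_server, "local",
                      server_view_of_sk_local, SK_SERVER, ID_LOCAL, ID_SERVER)


if __name__ == "__main__":
    print("matching inputs confirm:", run_confirmation())
    print("mismatched Sk_local confirms:", run_confirmation(bytes(32)))
```
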
In some embodiments, a general payload header can be defined to distinguish the payload types. As shown in Figure 6, it has the following fields.
Current payload: this field is 1 byte long and identifies the type of this payload. The payload type determines which operations are applied to the data.
Next payload: this field is 1 byte long and identifies the type of the payload that follows this one. If the current payload is the last one, this field is set to 0.
Payload length: this field is 2 bytes long and its value is in bytes. The length covers the entire payload, including the general payload header.
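A parser for a chain of payloads behind this general payload header, as an added example rather than code from the patent. The big-endian byte order and the payload type codes are assumptions (Figure 6 is not reproduced on this page), and the payload bodies are constructed sample bytes.

```python
import struct

# Current payload (1 byte), next payload (1 byte), payload length (2 bytes).
# Byte order is an assumption; the text only gives the field sizes.
HEADER = struct.Struct(">BBH")

# Hypothetical type codes; 0 is reserved by the text for "no next payload".
PAYLOAD_TYPES = {
    1: "sig_cert", 2: "enc_cert", 3: "sk", 4: "id", 5: "sig", 6: "enc_hash",
}


class PayloadError(ValueError):
    """Raised for any message that does not follow the header rules."""


def build_message(items):
    """Serialize [(type, body), ...]; each header names the following type."""
    out = bytearray()
    for index, (ptype, body) in enumerate(items):
        nxt = items[index + 1][0] if index + 1 < len(items) else 0
        total = HEADER.size + len(body)      # length includes the header
        if total > 0xFFFF:
            raise PayloadError("payload too large for a 2-byte length")
        out += HEADER.pack(ptype, nxt, total) + body
    return bytes(out)


def parse_message(buf):
    """Walk the chain and return [(type, body), ...], rejecting malformed input
    before any body is handed to certificate or signature code."""
    payloads, offset, expected = [], 0, None
    while True:
        if len(buf) - offset < HEADER.size:
            raise PayloadError("truncated header")
        cur, nxt, length = HEADER.unpack_from(buf, offset)
        if cur not in PAYLOAD_TYPES:
            raise PayloadError(f"unknown payload type {cur}")
        if expected is not None and cur != expected:
            raise PayloadError("type does not match previous 'next payload'")
        if length < HEADER.size or offset + length > len(buf):
            raise PayloadError("length field outside the received buffer")
        payloads.append((cur, buf[offset + HEADER.size:offset + length]))
        offset += length
        if nxt == 0:
            if offset != len(buf):
                raise PayloadError("trailing bytes after last payload")
            return payloads
        expected = nxt


def is_well_formed(buf) -> bool:
    try:
        parse_message(buf)
        return True
    except PayloadError:
        return False


# Constructed sample: the three signed payloads of message 4, bodies shortened.
SAMPLE = build_message([(3, b"k" * 8), (4, b"id"), (5, b"s" * 4)])

if __name__ == "__main__":
    for ptype, body in parse_message(SAMPLE):
        print(PAYLOAD_TYPES[ptype], len(body))
```
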
Stage 2: encrypted and protected data transmission
(1) After the first-stage key negotiation, both communicating parties have established the same keys and data transmission can begin. The local host sends the local SSD the address offset and length of the data to be read. The local SSD reads the data from non-volatile flash and encrypts it with the symmetric encryption key key_enc negotiated in the first stage, using formula ① below. It assembles the header information header shown in Figure 7 (the header can be extended as needed) and the encrypted data, then uses the authentication key key_auth negotiated in the first stage to compute the hash value with formula ② below and appends it to the end of the data. The local SSD returns the assembled data to the local host, which sends it to the remote server.
data_enc = Symmetric_Encrypt(data, key_enc)    ①
data_hash = HMAC(key_auth, header | data_enc)    ②
(2) After receiving the data, the remote server sends it to the server-side SSD. The server-side SSD first uses the authentication key key_auth to verify the hash value at the end of the data; successful verification indicates that the data is complete and has not been tampered with. It then decrypts the plaintext data with the encryption key key_enc and saves it to non-volatile flash according to the address and data length. If hash verification fails, the SSD reports the failure to the server, and the server informs the local host.
(3) Steps 1 and 2 are repeated until all the data to be transmitted has been saved to the server-side SSD, so that the server can use the data for analysis, training or other operations.
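Formulas ① and ② with the receiver's verify-then-decrypt order from step (2), as an added example that is not the patent's code. Assumptions: the header is an 8-byte address offset plus a 4-byte length (Figure 7 is not reproduced here), HMAC is HMAC-SHA256, and Symmetric_Encrypt is replaced by an HMAC-SHA256 counter-mode keystream stand-in so the block runs with the standard library only; a device would use its own block cipher.

```python
import hashlib
import hmac
import struct

FRAME_HEADER = struct.Struct(">QI")  # assumed layout: address offset, data length
TAG_LEN = hashlib.sha256().digest_size


class FrameError(ValueError):
    """Raised when a frame must be rejected without writing anything."""


def keystream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Stand-in for Symmetric_Encrypt/Decrypt (NOT the patent's cipher):
    XOR with HMAC-SHA256(key, nonce | counter) blocks. The header is used as
    the nonce, so each address/length pair gets its own keystream."""
    stream = bytearray()
    for counter in range((len(data) + TAG_LEN - 1) // TAG_LEN):
        stream += hmac.new(key, nonce + counter.to_bytes(4, "big"),
                           hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))


def seal_frame(key_enc: bytes, key_auth: bytes, address: int, data: bytes) -> bytes:
    """Sender side: header | data_enc | HMAC(key_auth, header | data_enc)."""
    header = FRAME_HEADER.pack(address, len(data))
    data_enc = keystream_xor(key_enc, header, data)                      # ①
    data_hash = hmac.new(key_auth, header + data_enc, hashlib.sha256).digest()  # ②
    return header + data_enc + data_hash


def open_frame(key_enc: bytes, key_auth: bytes, frame: bytes):
    """Receiver side: check the HMAC first, decrypt only if it matches.
    Returns (address, plaintext) for the flash write."""
    if len(frame) < FRAME_HEADER.size + TAG_LEN:
        raise FrameError("frame shorter than header plus tag")
    header = frame[:FRAME_HEADER.size]
    data_enc = frame[FRAME_HEADER.size:-TAG_LEN]
    received = frame[-TAG_LEN:]
    expected = hmac.new(key_auth, header + data_enc, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, received):
        raise FrameError("HMAC mismatch: header or ciphertext was altered")
    address, length = FRAME_HEADER.unpack(header)
    if length != len(data_enc):
        raise FrameError("length field disagrees with payload size")
    return address, keystream_xor(key_enc, header, data_enc)


if __name__ == "__main__":
    # Constructed keys standing in for the negotiated key_enc and key_auth.
    k_enc, k_auth = bytes([0x11]) * 32, bytes([0x22]) * 32
    frame = seal_frame(k_enc, k_auth, 0x1000, b"sensor block 0001")
    print(open_frame(k_enc, k_auth, frame))
    # A relay that rewrites the target address invalidates the tag, because
    # the header is covered by the HMAC.
    moved = FRAME_HEADER.pack(0x2000, 17) + frame[FRAME_HEADER.size:]
    try:
        open_frame(k_enc, k_auth, moved)
    except FrameError as err:
        print("rejected:", err)
```
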
It should be noted that the validity period of the keys depends on actual usage. The keys may become invalid once a batch of data has been sent and received; if a new batch of data is then to be transmitted, the keys must be renegotiated.
The solution proposed in this application performs key negotiation and encrypted data transmission between the hard disks themselves and does not depend on the host environment, which ensures the flexibility and security of data transmission. Because key negotiation takes place between the solid-state drives, the host does not need to install any security certificates, there is no heavy reliance on whether the local system environment is trustworthy, and there is no concern that a compromised local host could obtain the solid-state drive's plaintext data or key information. The local system environment only needs to send private commands to the solid-state drive and transmit the resulting data over the network to the server. Each time a data transmission is requested, the solid-state drives first negotiate keys, then use the negotiated keys to encrypt the transmitted data and compute its hash value, ensuring the security and integrity of the data transmission.
Based on the same inventive concept, according to another aspect of the present application, as shown in Figure 8, an embodiment of the present application further provides a computer device 501, including:
at least one processor 520; and
a memory 510 storing a computer program 511 that can run on the processor, wherein the processor 520, when executing the program, performs the steps of any of the data transmission methods above.
Based on the same inventive concept, according to another aspect of the present application, as shown in Figure 9, an embodiment of the present application further provides a non-transitory computer-readable storage medium 601 storing a computer program 610 which, when executed by a processor, performs the steps of any of the data transmission methods above.
Finally, it should be noted that a person of ordinary skill in the art will understand that all or part of the processes in the methods of the above embodiments can be carried out by a computer program instructing the relevant hardware. The program can be stored in a computer-readable storage medium and, when executed, can include the processes of the method embodiments above.
Furthermore, it should be understood that the non-transitory computer-readable storage medium (for example, memory) in the present application is non-volatile memory.
Those skilled in the art will also appreciate that the various exemplary logical blocks, modules, circuits and algorithm steps described in connection with the disclosure herein may be implemented as electronic hardware, computer software, or a combination of both. To clearly illustrate this interchangeability of hardware and software, various illustrative components, blocks, modules, circuits and steps have been described generally in terms of their functionality. Whether such functionality is implemented as software or as hardware depends on the specific application and the design constraints imposed on the overall system. Those skilled in the art may implement the functionality in various ways for each specific application, but such implementation decisions should not be interpreted as departing from the scope disclosed in the embodiments of the present application.
The above are exemplary embodiments disclosed in the present application, but it should be noted that various changes and modifications may be made without departing from the scope of the disclosure of the embodiments of the present application as defined by the claims. The functions, steps and/or actions of the method claims according to the disclosed embodiments described herein need not be performed in any particular order. In addition, although elements disclosed in the embodiments of the present application may be described or claimed in the singular, they may also be understood as plural unless explicitly limited to the singular.
It should be understood that, as used in this application, the singular form "a" is intended to include the plural form as well, unless the context clearly supports an exception. It should also be understood that "and/or" as used in this application refers to any and all possible combinations of one or more of the associated listed items.
The serial numbers of the embodiments disclosed above are for description only and do not represent the relative merits of the embodiments.
A person of ordinary skill in the art will understand that all or part of the steps of the above embodiments may be implemented by hardware, or by a program instructing the relevant hardware. The program may be stored in a non-transitory computer-readable storage medium, which may be a read-only memory, a magnetic disk, an optical disk, or the like.
所属领域的普通技术人员应当理解:以上任何实施例的讨论仅为示例性的,并非旨在暗示本申请实施例公开的范围(包括权利要求)被限于这些例子;在本申请实施例的思路下,以上实施例或者不同实施例中的技术特征之间也可以进行组合,并存在如上的本申请实施例的不同方面的许多其它变化,为了简明它们没有在细节中提供。因此,凡在本申请实施例的精神和原则之内,所做的任何省略、修改、等同替换、改进等,均应包含在本申请实施例的保护范围之内。 A person of ordinary skill in the art should understand that the discussion of any of the above embodiments is merely exemplary and is not intended to imply that the scope of the disclosure of the embodiments of the present application (including the claims) is limited to these examples; under the concept of the embodiments of the present application, the technical features in the above embodiments or different embodiments may also be combined, and there are many other variations of different aspects of the embodiments of the present application as above, which are not provided in detail for the sake of simplicity. Therefore, any omissions, modifications, equivalent substitutions, improvements, etc. made within the spirit and principles of the embodiments of the present application shall be included in the protection scope of the embodiments of the present application.

Claims (22)

  1. A data transmission method, characterized in that it comprises the following steps:
    a data sending hard disk and a data receiving hard disk use digital certificates to negotiate identity information and temporary keys, and generate the same symmetric key based on the negotiated identity information and temporary keys;
    the data sending hard disk encrypts the data to be transmitted using the symmetric key and sends it to the data receiving hard disk;
    the data receiving hard disk decrypts the received data to be transmitted using the symmetric key.
  2. The method according to claim 1, characterized in that it further comprises:
    before the data sending hard disk and the data receiving hard disk leave the factory, each pre-generating a signature public-private key pair and an encryption public-private key pair;
    signing the public key of the signature public-private key pair and the encryption public-private key pair with a preset private key to obtain a signature certificate and an encryption certificate;
    saving, to a preset storage location, the signature private key of the signature public-private key pair that corresponds to the signature certificate, the signature certificate, the encryption private key of the encryption public-private key pair that corresponds to the encryption certificate, the encryption certificate, and the public key certificate corresponding to the preset private key.
  3. The method according to claim 1, characterized in that the data sending hard disk and the data receiving hard disk using digital certificates to negotiate identity information and temporary keys, and generating the same symmetric key based on the negotiated identity information and temporary keys, further comprises:
    sending a preset command from the data sending hard disk to the data receiving hard disk;
    the data receiving hard disk receiving the preset command, reading a first signature certificate and a first encryption certificate, and sending them to the data sending hard disk;
    in response to the data sending hard disk receiving the first signature certificate and the first encryption certificate, verifying the legitimacy of the first signature certificate and the first encryption certificate using the public key certificate in the data sending hard disk.
  4. The method according to claim 3, characterized in that it further comprises:
    in response to the verification passing, the data sending hard disk generating a second temporary key and encrypting the second temporary key using the received first encryption certificate.
  5. The method according to claim 4, characterized in that it further comprises:
    encrypting the second identity information of the data sending hard disk using the second temporary key; and
    obtaining a second signature certificate and a second encryption certificate of the data sending hard disk.
  6. The method according to claim 5, characterized in that it further comprises:
    signing the encrypted second temporary key, the encrypted second identity information, the second signature certificate and the second encryption certificate with the signature private key of the data sending hard disk to obtain second signature data, and sending it to the data receiving hard disk.
  7. The method according to claim 6, characterized in that it further comprises:
    in response to the data receiving hard disk receiving the second signature data, verifying the legitimacy of the second signature certificate and the second encryption certificate in the second signature data using the public key certificate in the data receiving hard disk;
    in response to their being legitimate, verifying with the second signature certificate whether the second signature data is intact.
  8. The method according to claim 6, characterized in that it further comprises:
    the data receiving hard disk decrypting the encrypted second temporary key using the first encryption private key corresponding to the first encryption certificate to obtain the second temporary key.
  9. The method according to claim 8, characterized in that it further comprises:
    decrypting the encrypted second identity information using the second temporary key to obtain the second identity information.
  10. The method according to claim 9, characterized in that it further comprises:
    the data receiving hard disk generating a first temporary key and encrypting the first temporary key using the received second encryption certificate;
    encrypting the first identity information of the data receiving hard disk using the first temporary key.
  11. The method according to claim 10, characterized in that it further comprises:
    signing the encrypted first temporary key and the encrypted first identity information with the signature private key of the data receiving hard disk to obtain first signature data, and sending it to the data sending hard disk.
  12. The method according to claim 11, characterized in that it further comprises:
    in response, the data sending hard disk verifying the integrity of the first signature data using the first signature certificate.
  13. The method according to claim 11, characterized in that it further comprises:
    the data sending hard disk decrypting the encrypted first temporary key using the second encryption private key corresponding to the second encryption certificate to obtain the first temporary key;
    decrypting the encrypted first identity information using the first temporary key to obtain the first identity information.
  14. The method according to claim 13, characterized in that it further comprises:
    the data receiving hard disk and the data sending hard disk each generating the symmetric key and an authentication key using the first temporary key, the first identity information, the second temporary key and the second identity information.
  15. The method according to claim 14, characterized in that it further comprises:
    the data sending hard disk calculating second verification data using a first formula, encrypting the second verification data using the symmetric key, and sending the encrypted second verification data to the data receiving hard disk, wherein the first formula is:
    HMAC(K, M1) = H(K ⊕ opad | H(K ⊕ ipad | M1))
    wherein K is the authentication key; M1 is second temporary key | first temporary key | second identity information | first identity information; opad and ipad are different constants; ⊕ is the XOR operation; H denotes the hash operation; and '|' denotes data concatenation.
  16. The method according to claim 15, characterized in that it further comprises:
    the data receiving hard disk calculating first verification data using the first formula, decrypting the received encrypted second verification data using the symmetric key, and comparing the first verification data with the second verification data.
  17. The method according to claim 14, characterized in that it further comprises:
    the data receiving hard disk calculating first verification data using a second formula, encrypting the first verification data using the symmetric key, and sending the encrypted first verification data to the data sending hard disk, wherein the second formula is:
    wherein K is the authentication key; M2 is first temporary key | second temporary key | first identity information | second identity information; opad and ipad are different constants; ⊕ is the XOR operation; H denotes the hash operation; and '|' denotes data concatenation.
  18. The method according to claim 17, characterized in that it further comprises:
    the data sending hard disk calculating second verification data using the second formula, decrypting the received encrypted first verification data using the symmetric key, and comparing the first verification data with the second verification data.
  19. The method according to claim 14, characterized in that the data sending hard disk encrypting the data to be transmitted using the symmetric key and sending it to the data receiving hard disk further comprises:
    obtaining the data to be transmitted and encrypting it using the symmetric key;
    assembling header information and calculating a hash value of the header information using the authentication key;
    sending the encrypted data to be transmitted and the hash value to the data receiving hard disk.
  20. The method according to claim 19, characterized in that the data receiving hard disk decrypting the received data to be transmitted using the symmetric key further comprises:
    verifying the hash value using the authentication key;
    in response to successful verification, decrypting the plaintext data using the symmetric key and saving it to the corresponding location according to the address and data length.
  21. A computer device, comprising:
    at least one processor; and
    a memory storing a computer program executable on the processor, characterized in that the processor, when executing the program, performs the steps of the method according to any one of claims 1 to 20.
  22. A non-transitory computer-readable storage medium storing a computer program, characterized in that the computer program, when executed by a processor, performs the steps of the method according to any one of claims 1 to 20.
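
The key confirmation of claims 14 to 18, written out as an added example that is not part of the patent text: it spells out the first formula term by term, checks it against Python's `hmac` module, and shows that a one-bit difference in a temporary key, or an echoed verification value, fails the comparison. Assumptions: SHA-256 as H, the `derive_keys` construction, 16-byte fixed-width fields, the sample identities, and that the second formula (which is missing from this page) has the same HMAC form as the first; encrypting the verification data under the symmetric key is left out.

```python
import hashlib
import hmac

BLOCK = 64   # SHA-256 block size in bytes; H = SHA-256 is an assumption
FIELD = 16   # assumed fixed width of every temporary key and identity field


def hmac_first_formula(key: bytes, msg: bytes) -> bytes:
    """H(K xor opad | H(K xor ipad | M)), spelled out term by term."""
    if len(key) > BLOCK:                      # RFC 2104: hash over-long keys first
        key = hashlib.sha256(key).digest()
    key = key.ljust(BLOCK, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)       # K xor ipad
    opad = bytes(b ^ 0x5C for b in key)       # K xor opad
    inner = hashlib.sha256(ipad + msg).digest()
    return hashlib.sha256(opad + inner).digest()


def matches_stdlib(key: bytes, msg: bytes) -> bool:
    """The hand-written formula must agree with Python's hmac module."""
    ref = hmac.new(key, msg, hashlib.sha256).digest()
    return hmac.compare_digest(hmac_first_formula(key, msg), ref)


def concat(*fields: bytes) -> bytes:
    """Plain '|' concatenation is only unambiguous for fixed-width fields."""
    if any(len(f) != FIELD for f in fields):
        raise ValueError("every field must be exactly FIELD bytes")
    return b"".join(fields)


def derive_keys(t1, id1, t2, id2):
    """Hypothetical derivation: the claims name the four inputs, not the function."""
    seed = concat(t1, id1, t2, id2)
    return (hashlib.sha256(b"enc" + seed).digest(),    # symmetric key
            hashlib.sha256(b"auth" + seed).digest())   # authentication key


def sender_check(auth, t1, id1, t2, id2):
    return hmac_first_formula(auth, concat(t2, t1, id2, id1))   # M1


def receiver_check(auth, t1, id1, t2, id2):
    return hmac_first_formula(auth, concat(t1, t2, id1, id2))   # M2


def run_demo():
    # Constructed sample values; real disks would use random temporary keys.
    t1, t2 = bytes(range(16)), bytes(range(16, 32))
    id1, id2 = b"DISK-RX-00000001", b"DISK-TX-00000002"
    _, auth = derive_keys(t1, id1, t2, id2)
    sent = sender_check(auth, t1, id1, t2, id2)
    # Receiver recomputes the HMAC over M1 from its own copy of the four values.
    agree = hmac.compare_digest(sent, sender_check(auth, t1, id1, t2, id2))
    # A receiver whose decrypted t2 differs by one bit derives another key.
    bad_t2 = bytes([t2[0] ^ 1]) + t2[1:]
    _, bad_auth = derive_keys(t1, id1, bad_t2, id2)
    tampered = hmac.compare_digest(
        sent, sender_check(bad_auth, t1, id1, bad_t2, id2))
    # Echoing the sender's value back as the receiver's (M2) value fails.
    reflected = hmac.compare_digest(
        sent, receiver_check(auth, t1, id1, t2, id2))
    return agree, tampered, reflected


if __name__ == "__main__":
    print(run_demo())
```

Because M1 and M2 list the same four values in opposite order, each direction's verification data is distinct, which is what makes the echoed value in the last check fail.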
PCT/CN2023/096611 2022-11-30 2023-05-26 Data transmission method, device, and storage medium WO2024113724A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
CN202211513285.XA CN115549910B (en) 2022-11-30 2022-11-30 Data transmission method, equipment and storage medium
CN202211513285.X 2022-11-30

Publications (1)

Publication Number Publication Date
WO2024113724A1 true WO2024113724A1 (en) 2024-06-06

Family

ID=84721908

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CN2023/096611 WO2024113724A1 (en) 2022-11-30 2023-05-26 Data transmission method, device, and storage medium

Country Status (2)

Country Link
CN (1) CN115549910B (en)
WO (1) WO2024113724A1 (en)

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN115549910B (en) * 2022-11-30 2023-03-10 苏州浪潮智能科技有限公司 Data transmission method, equipment and storage medium

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN112332978A (en) * 2020-11-10 2021-02-05 上海商米科技集团股份有限公司 Remote key injection method based on key agreement
CN114297355A (en) * 2021-12-13 2022-04-08 合肥大唐存储科技有限公司 Method and system for establishing secure session, solid state disk and terminal equipment
US20220248221A1 (en) * 2019-05-01 2022-08-04 John A. Nix Distributed EAP-TLS Authentication for Wireless Networks with Concealed User Identities
CN115296803A (en) * 2022-08-03 2022-11-04 北京天融信网络安全技术有限公司 Key agreement method, device, medium and electronic equipment
CN115549910A (en) * 2022-11-30 2022-12-30 苏州浪潮智能科技有限公司 Data transmission method, equipment and storage medium

Also Published As

Publication number Publication date
CN115549910B (en) 2023-03-10
CN115549910A (en) 2022-12-30

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 23895890

Country of ref document: EP

Kind code of ref document: A1