CN110233729A - A kind of encryption solid-state disk key management method based on PUF - Google Patents
A kind of encryption solid-state disk key management method based on PUF Download PDFInfo
- Publication number
- CN110233729A CN110233729A CN201910587599.6A CN201910587599A CN110233729A CN 110233729 A CN110233729 A CN 110233729A CN 201910587599 A CN201910587599 A CN 201910587599A CN 110233729 A CN110233729 A CN 110233729A
- Authority
- CN
- China
- Prior art keywords
- state disk
- solid
- key
- safe
- ukey
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
- H04L9/0643—Hash functions, e.g. MD5, SHA, HMAC or f9 MAC
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/0819—Key transport or distribution, i.e. key establishment techniques where one party creates or otherwise obtains a secret value, and securely transfers it to the other(s)
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0816—Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
- H04L9/085—Secret sharing or secret splitting, e.g. threshold schemes
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3234—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving additional secure or trusted devices, e.g. TPM, smartcard, USB or software token
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Power Engineering (AREA)
- Storage Device Security (AREA)
Abstract
The present invention relates to a kind of encryption solid-state disk key management method based on PUF, wherein it include: that host powers on, bios self-test;Safe UKey verifying encryption solid-state disk identity, user's checking password are verified, and are sent password hash value and thresholding key components to solid-state disk, encryption solid-state disk is encrypted and are verified safe UKey identity.The present invention introduces the use of PUF in the differentiated control of key and the interactive authentication of key.Threshold cryptography is introduced in cipher key management procedures, is stored respectively among safe UKey and solid-state disk after data key ciphertext is decomposed, either side is stolen can not to recover partial data key.Using the PUF value being electrically generated in PUF module built in encryption solid-state disk as certification core root-of-trust, the safety and reliability of certification is stronger for cipher key interaction certification.
Description
Technical field
The present invention relates to field of information security technology, in particular to a kind of encryption solid-state disk key management side based on PUF
Method.
Background technique
Encryption solid-state disk commonly protects the mode of sensitive information as enterprises and individuals user, and key managing project is
The core of entire security system, the stolen avalanche that will lead to entire security system of key.
The existing key storage scheme for encryption solid-state disk, mainly using the way to manage of multistage key, by more
The mode of grade control protects key.But no matter key is stored in UKey, solid-state disk either other single storages Jie
In matter, once the equipment of storage key is stolen, key is read, and all suffers from the stolen risk of data.Threshold cryptosystem scheme (t, n)
Thought be that secret is divided into n parts of shadows, n participant is distributed to, wherein being arbitrarily more than or equal to that t participant cooperate with can be extensive
Multiple key.Threshold schemes are applied in the key management of encryption solid-state disk, security risk can be dispersed, guaranteed data security
Property.
Existing key managing project, there are mainly two types of for authentication mode: the authentication mode of public private key pair, by recognizing
Demonstrate,prove both sides and distribute public private key pair, when authentication handshake by verify public private key pair whether match to verify whether it is legal,
It is that consumption resource is excessive, and needs to introduce third party's key and be in charge of center there are problem;The authentication mode of symmetry algorithm, by double
Whether the symmetric cryptographic algorithm of Fang Gongyou and identical key are identical by verifying both sides' key and algorithm when authentication handshake
It is legal to verify whether, there are problems that problem is that both sides all suffer from key storage, the safety if authentication key is stolen
System cracks.
Summary of the invention
The purpose of the present invention is to provide a kind of encryption solid-state disk key management method based on PUF, it is above-mentioned for solving
Problem of the prior art.
A kind of encryption solid-state disk key management method based on PUF of the present invention, wherein include: that host powers on, bios is certainly
Inspection;Safe UKey verifying encryption solid-state disk identity, user's checking password are verified, and send password hash value and thresholding key
Component verifies safe UKey identity to solid-state disk, encryption solid-state disk is encrypted, comprising: safe UKey generates random number a, by hash value
K and a is sent to encryption solid-state disk;It encrypts solid-state disk and receives hash value K and a, generate random number b;Exclusive or K and PUF value P generates n,
It encrypts solid-state disk and calculates n generation N using hash algorithm, encryption solid-state disk uses symmetric cryptographic algorithm X, and it is raw to encrypt a using N as key
At A, A and b are sent to safe Ukey;Safe UKey receives A, and the N of storage is used to generate a ' as key decryption A;Examine solution
Whether close result is consistent with a of generation, is consistent, and safe UKey thinks that encryption solid-state disk is credible;It the use of N is key, symmetric cryptography
Algorithm X encrypts b and generates B, and B and thresholding key components E2 are sent to encryption solid-state disk;User inputs password k ', calculates password k '
Hash value K ', whether checking computation result be consistent with the password hash value K being stored in safe UKey, be consistent, think user
Identity is legal;K ' is sent to encryption solid-state disk;It encrypts solid-state disk and receives B and K ', exclusive or K ' and PUF value P generates n ', and encryption is solid
State disk calculates n ' using hash algorithm and generates N ', and encryption solid-state disk uses symmetric cryptographic algorithm X, decrypts B as key using N ' and generates
B ', examines whether decrypted result is consistent with b, is consistent, encrypts solid-state disk and think that safe UKey is credible;It encrypts solid-state disk and restores number
According to key, data in disk, activation system are decrypted.
One embodiment of encryption solid-state disk key management method according to the present invention, wherein further include: for the first time using safe
Safe Ukey and encryption solid-state disk are bound one by one under environment, by user setting password k, calculate the hash value K of password k,
It calculates password value K and encrypts the combined value n of solid-state disk PUF value P, encrypt solid-state disk using hash algorithm and calculate combined value n's
Hash value N, safe UKey store the hash value N and user password hash value K.
One embodiment of encryption solid-state disk key management method according to the present invention, wherein using encryption solid-state disk PUF value
P generates data key ciphertext E, by data with PUF value P encrypted data key e as root key, using symmetric encipherment algorithm Y
Key ciphertext E usage threshold algorithm decomposes, and part threshold data key ciphertext E1 is stored in solid-state disk, part threshold data key
Ciphertext E2 is stored in safe UKey.
One embodiment of encryption solid-state disk key management method according to the present invention, wherein total thresholding key components number
For n, partial data key ciphertext can be solved when thresholding key components number is more than or equal to threshold value t, is stored in safe UKey
Data key number of components x<t encrypts the data key number of components y<t, the x+y>t that store in solid-state disk, need to obtain safe Ukey with
And the key components in encryption solid-state disk are to restore partial data key ciphertext.
One embodiment of encryption solid-state disk key management method according to the present invention, wherein encryption solid-state disk verifying safety
After UKey identity, solid-state disk usage threshold algorithm is encrypted, by itself storage threshold data key cyphertext component E1 and receives to come
Partial data key ciphertext E is synthesized from the threshold data key cyphertext component E2 in safe UKey, encryption solid-state disk uses symmetrical
Encryption Algorithm Y obtains data key plaintext e by key ciphertext data key ciphertext E of PUF value.
The characteristic that the present invention makes full use of PUF value physics unclonable.To encrypt solid-state disk PUF value work in verification process
A set of completely new authentication handshake method is designed in conjunction with hash algorithm and symmetric encipherment algorithm for the credible core of safety certification.Phase
Authenticated than public private key pair, this method resource consumption is less, calculating speed faster.Compared to conventional symmetrical algorithm certification disk end without depositing
Store up authentication key, the unclonable characteristic of the physics of PUF value ensure that binding after UKey and encryption solid-state disk be mutually authenticated can
By property, this method integrally improves the safety and reliability of verification process.
Detailed description of the invention
Fig. 1 show a kind of safe mode schematic diagram of encryption solid-state disk key management method based on PUF;
The identifying procedure figure of encryption solid-state disk key management method of the Fig. 2 based on PUF;
The key structure figure of encryption solid-state disk key management method of the Fig. 3 based on PUF.
Specific embodiment
To keep the purpose of the present invention, content and advantage clearer, with reference to the accompanying drawings and examples, to of the invention
Specific embodiment is described in further detail.
Fig. 1 show a kind of safe mode schematic diagram of encryption solid-state disk key management method based on PUF, and Fig. 2 is based on
The identifying procedure figure of the encryption solid-state disk key management method of PUF;Encryption solid-state disk key management method of the Fig. 3 based on PUF
Key structure figure, as shown in Figure 1 to Figure 3, a kind of encryption solid-state disk key management method based on PUF includes:
(1) host powers on, bios self-test;
(2) safe UKey verifying encryption solid-state disk identity;
(3) user's checking password is verified, and sends password hash value and thresholding key components to encrypting solid-state disk;
(4) encryption solid-state disk verifies safe UKey identity;
(5) it is verified, encrypts solid-state disk and restore data key, decrypt data in disk, activation system.
As shown in Figure 1 to Figure 3, it is initialized, i.e., is used under security context to safe Ukey before use for the first time
It is bound one by one with encryption solid-state disk.By user setting password k, the hash value K of password k is calculated, calculates password value K and encryption
The combined value n of solid-state disk PUF value P, combined method can be exclusive or or splicing, and encryption solid-state disk uses hash algorithm, calculates
Hash the value N, safe UKey of combined value n stores the hash value N and user password hash value K.
As shown in Figure 1 to Figure 3, wherein tripartite's identifying procedure, detailed step are as follows:
(1) safe UKey generates random number a, and K and a are sent to encryption solid-state disk.
(2) encryption solid-state disk receives K and a, generates random number b.Exclusive or K and PUF value P generates n, and encryption solid-state disk uses
Hash algorithm calculates n and generates N.It encrypts solid-state disk and uses symmetric cryptographic algorithm X, a is encrypted as key using N and generates A, A and b is sent out
It send to safe UKey.
(3) safe UKey receives A, and the N of storage is used to generate a ' as key decryption A.Examine decrypted result and step (1)
Whether a of middle generation is consistent, and is consistent, and safe UKey thinks that encryption solid-state disk is credible.Safe UKey is using N as key, cryptographic algorithm
X encrypts b and generates B, and B and thresholding key components E2 are sent to encryption solid-state disk.
(4) user input password k ', calculate password k ' hash value K ', checking computation result be stored in safe UKey
Password hash value K whether be consistent, be consistent, think that user identity is legal.K ' is sent to encryption solid-state disk.
(5) encryption solid-state disk receives B and K '.Exclusive or K ' and PUF value P generates n ', and encryption solid-state disk uses hash algorithm, meter
It calculates n ' and generates N '.It encrypts solid-state disk and uses symmetric cryptographic algorithm X, B is decrypted as key using N ' and generates b '.Examine decrypted result and step
Whether the b generated in (2) suddenly is consistent, and is consistent, encrypts solid-state disk and think that safe UKey is credible.
(6) solid-state disk usage threshold cryptographic algorithm is encrypted, itself is stored threshold data key cyphertext component E1 and is connect
Partial data key ciphertext E is synthesized by the threshold data key cyphertext component E2 from safe UKey.Solid-state disk is encrypted to use
Symmetric encipherment algorithm Y obtains data key plaintext e by key ciphertext data key ciphertext E of PUF value.Verification process terminates.
Wherein key management is using encryption solid-state disk PUF value P as root key.Using symmetric encipherment algorithm Y, with PUF value P
Encrypted data key e generates data key ciphertext E.Data key ciphertext E usage threshold cryptographic algorithm is decomposed, part thresholding
Data key ciphertext E1 is stored in encryption solid-state disk, and part threshold data key ciphertext E2 is stored in safe UKey.
Wherein threshold cryptography algorithm (t, n), total thresholding key components number are n, t < n.When thresholding key components number is less than t
Shi Wufa solves partial data key ciphertext.Data key number of components x < t for storing in UKey is encrypted and is stored in solid-state disk
Data key number of components y<t, x+y>t.The key components for individually obtaining safe UKey or encrypting in solid-state disk can not restore
Partial data key ciphertext.
To encrypt the PUF value of solid-state disk as the root key of key management in cipher key management procedures, its object is made full use of
Unclonable attribute is managed, the safety of root key is improved.It introduces threshold cryptography algorithm security and decomposes storage key, deposit respectively
It is stored in safe UKey and encryption solid-state disk, compares traditional secrete key storage mode, the stolen attacker of either side can not obtain
Partial data key ciphertext, improves the safety of encryption system.
The beneficial effects of the present invention are:
(1) to encrypt solid-state disk PUF value as the credible core of safety certification in verification process, in conjunction with hash algorithm and
Symmetric encipherment algorithm designs a set of completely new authentication handshake method.It is authenticated compared to public private key pair, this method resource consumption is less,
Calculating speed is faster.Authentication storage key, the unclonable characteristic of the physics of PUF value are not necessarily to compared to existing symmetry algorithm certification disk end
It ensure that the reliability that UKey and encryption solid-state disk are mutually authenticated after binding, this method integrally improve the safety of verification process
Property and reliability.
(2) in cipher key management procedures using encrypt solid-state disk PUF value as the root key of key management, make full use of it
The unclonable attribute of physics, improves the safety of root key.It introduces threshold cryptography algorithm security and decomposes storage key, respectively
It is stored in safe UKey and encryption solid-state disk, compares existing key storage mode, the stolen attacker of either side can not obtain
Entire data key ciphertext is taken, the safety of encryption system is improved.
The present invention introduces the use of PUF in the differentiated control of key and the interactive authentication of key.Wherein key point
Grade management using the PUF value being electrically generated in PUF module built in encryption solid-state disk main control chip as root key, to data key into
Row encryption.PUF value can with it is unreadable and have the unclonable characteristic of physics, ensure that the safety of root key.In key management
Threshold cryptography is introduced in the process, is stored respectively among safe UKey and solid-state disk after data key ciphertext is decomposed,
Either side is stolen can not to recover partial data key.Cipher key interaction certification uses built in encryption solid-state disk in PUF module
The PUF value being electrically generated is used in combination hash algorithm and symmetric encipherment algorithm carries out handshake authentication as certification core root-of-trust, with
The scheme of existing public private key pair certification and symmetric encipherment algorithm certification is compared, it is only necessary to which UKey folk prescription stores key, the peace of certification
Full property and reliability are stronger.
The above is only a preferred embodiment of the present invention, it is noted that for the ordinary skill people of the art
For member, without departing from the technical principles of the invention, several improvement and deformations can also be made, these improvement and deformations
Also it should be regarded as protection scope of the present invention.
Claims (5)
1. a kind of encryption solid-state disk key management method based on PUF characterized by comprising
Host powers on, bios self-test;
Safe UKey verifying encryption solid-state disk identity, user's checking password are verified, send password hash value and thresholding is close
Key component verifies safe UKey identity to solid-state disk, encryption solid-state disk is encrypted, comprising:
Safe UKey generates random number a, and hash value K and a are sent to encryption solid-state disk;
It encrypts solid-state disk and receives hash value K and a, generate random number b;Exclusive or K and PUF value P generates n, and encryption solid-state disk uses
Hash algorithm calculates n and generates N, and encryption solid-state disk uses symmetric cryptographic algorithm X, encrypts a as key using N and generates A, A and b is sent
To safe Ukey;
Safe UKey receives A, and the N of storage is used to generate a ' as key decryption A;Examine decrypted result and generation a whether phase
Symbol, is consistent, and safe UKey thinks that encryption solid-state disk is credible;The use of N is key, symmetric cryptographic algorithm X encrypts b and generates B, by B and
Thresholding key components E2 is sent to encryption solid-state disk;
User inputs password k ', calculates the hash value K ' of password k ', checking computation result and the password being stored in safe UKey
Whether hash value K is consistent, and is consistent, and thinks that user identity is legal;K ' is sent to encryption solid-state disk;
It encrypts solid-state disk and receives B and K ', exclusive or K ' and PUF value P generates n ', and encryption solid-state disk calculates n ' using hash algorithm and generates
N ', encryption solid-state disk use symmetric cryptographic algorithm X, decrypt B as key using N ' and generate b ', examine whether decrypted result is consistent with b,
It is consistent, encrypts solid-state disk and think that safe UKey is credible;
It encrypts solid-state disk and restores data key, decrypt data in disk, activation system.
2. encryption solid-state disk key management method as described in claim 1, which is characterized in that further include: for the first time using safe
Safe Ukey and encryption solid-state disk are bound one by one under environment, by user setting password k, calculate the hash value K of password k,
It calculates password value K and encrypts the combined value n of solid-state disk PUF value P, encrypt solid-state disk using hash algorithm and calculate combined value n's
Hash value N, safe UKey store the hash value N and user password hash value K.
3. encryption solid-state disk key management method as described in claim 1, which is characterized in that using encryption solid-state disk PUF value P
As root key, data key ciphertext E is generated with PUF value P encrypted data key e using symmetric encipherment algorithm Y, data are close
Key ciphertext E usage threshold algorithm decomposes, and part threshold data key ciphertext E1 is stored in solid-state disk, and part threshold data key is close
Literary E2 is stored in safe UKey.
4. encryption solid-state disk key management method as described in claim 1, which is characterized in that total thresholding key components number is
N can solve partial data key ciphertext, the number stored in safe UKey when thresholding key components number is more than or equal to threshold value t
According to key components number x<t, encrypt data key number of components y<t, the x+y>t stored in solid-state disk, need to obtain safe Ukey and
The key components in solid-state disk are encrypted to restore partial data key ciphertext.
5. key managing project as described in claim 1, which is characterized in that after encryption solid-state disk verifies safe UKey identity,
Solid-state disk usage threshold algorithm is encrypted, by itself storage threshold data key cyphertext component E1 and is received from safe UKey
Threshold data key cyphertext component E2 synthesize partial data key ciphertext E, encryption solid-state disk use symmetric encipherment algorithm Y, with
PUF value is that key ciphertext data key ciphertext E obtains data key plaintext e.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910587599.6A CN110233729B (en) | 2019-07-02 | 2019-07-02 | Encrypted solid-state disk key management method based on PUF |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201910587599.6A CN110233729B (en) | 2019-07-02 | 2019-07-02 | Encrypted solid-state disk key management method based on PUF |
Publications (2)
Publication Number | Publication Date |
---|---|
CN110233729A true CN110233729A (en) | 2019-09-13 |
CN110233729B CN110233729B (en) | 2022-03-11 |
Family
ID=67857741
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201910587599.6A Active CN110233729B (en) | 2019-07-02 | 2019-07-02 | Encrypted solid-state disk key management method based on PUF |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN110233729B (en) |
Cited By (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112069555A (en) * | 2020-08-13 | 2020-12-11 | 中国电子科技集团公司第三十研究所 | Safe computer architecture based on double-hard-disk cold switching operation |
WO2022259013A1 (en) | 2021-06-07 | 2022-12-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Storage device being authenticated to host by utilizing physically unclonable function (puf) for data encryption/decryption |
WO2022259015A1 (en) | 2021-06-07 | 2022-12-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Storage device utilziing physically unclonable function (puf) based secret sharing scheme for data encryption/decryption |
Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8667265B1 (en) * | 2010-07-28 | 2014-03-04 | Sandia Corporation | Hardware device binding and mutual authentication |
US20140258736A1 (en) * | 2013-03-08 | 2014-09-11 | Robert Bosch Gmbh | Systems and Methods for Maintaining Integrity and Secrecy in Untrusted Computing Platforms |
CN104836669A (en) * | 2015-05-08 | 2015-08-12 | 东南大学 | Security authentication method based on SRAM PUF (Static Random Access Memory Physical Uncloable Function), terminal and authentication system |
CN108199845A (en) * | 2017-12-08 | 2018-06-22 | 中国电子科技集团公司第三十研究所 | A kind of light-weight authentication equipment and authentication method based on PUF |
CN108737076A (en) * | 2017-04-13 | 2018-11-02 | 山东量子科学技术研究院有限公司 | A kind of identity authorization system and identity identifying method |
CN108920984A (en) * | 2018-07-06 | 2018-11-30 | 北京计算机技术及应用研究所 | The anti-clone of one kind distorts safe SSD main control chip framework |
CN109040067A (en) * | 2018-08-02 | 2018-12-18 | 广东工业大学 | A kind of user authentication device and authentication method based on the unclonable technology PUF of physics |
-
2019
- 2019-07-02 CN CN201910587599.6A patent/CN110233729B/en active Active
Patent Citations (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US8667265B1 (en) * | 2010-07-28 | 2014-03-04 | Sandia Corporation | Hardware device binding and mutual authentication |
US20140258736A1 (en) * | 2013-03-08 | 2014-09-11 | Robert Bosch Gmbh | Systems and Methods for Maintaining Integrity and Secrecy in Untrusted Computing Platforms |
CN104836669A (en) * | 2015-05-08 | 2015-08-12 | 东南大学 | Security authentication method based on SRAM PUF (Static Random Access Memory Physical Uncloable Function), terminal and authentication system |
CN108737076A (en) * | 2017-04-13 | 2018-11-02 | 山东量子科学技术研究院有限公司 | A kind of identity authorization system and identity identifying method |
CN108199845A (en) * | 2017-12-08 | 2018-06-22 | 中国电子科技集团公司第三十研究所 | A kind of light-weight authentication equipment and authentication method based on PUF |
CN108920984A (en) * | 2018-07-06 | 2018-11-30 | 北京计算机技术及应用研究所 | The anti-clone of one kind distorts safe SSD main control chip framework |
CN109040067A (en) * | 2018-08-02 | 2018-12-18 | 广东工业大学 | A kind of user authentication device and authentication method based on the unclonable technology PUF of physics |
Non-Patent Citations (2)
Title |
---|
MARIO BARBARESCHI: ""A PUF-based hardware mutual authentication protocol"", 《OURNAL OF PARALLEL AND DISTRIBUTED COMPUTING》 * |
刘丹: ""一种基于SRAM PUF的安全双向认证协议"", 《密码学报》 * |
Cited By (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN112069555A (en) * | 2020-08-13 | 2020-12-11 | 中国电子科技集团公司第三十研究所 | Safe computer architecture based on double-hard-disk cold switching operation |
CN112069555B (en) * | 2020-08-13 | 2022-03-18 | 中国电子科技集团公司第三十研究所 | Safe computer architecture based on double-hard-disk cold switching operation |
WO2022259013A1 (en) | 2021-06-07 | 2022-12-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Storage device being authenticated to host by utilizing physically unclonable function (puf) for data encryption/decryption |
WO2022259015A1 (en) | 2021-06-07 | 2022-12-15 | Telefonaktiebolaget Lm Ericsson (Publ) | Storage device utilziing physically unclonable function (puf) based secret sharing scheme for data encryption/decryption |
Also Published As
Publication number | Publication date |
---|---|
CN110233729B (en) | 2022-03-11 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US11533297B2 (en) | Secure communication channel with token renewal mechanism | |
WO2020087805A1 (en) | Trusted authentication method employing two cryptographic values and chaotic encryption in measurement and control network | |
CN109379387B (en) | Safety certification and data communication system between Internet of things equipment | |
CN103179086B (en) | Remote storage processing method and the system of data | |
CN110958219B (en) | SM2 proxy re-encryption method and device for medical cloud shared data | |
US20170142082A1 (en) | System and method for secure deposit and recovery of secret data | |
CN110519046B (en) | Quantum communication service station key negotiation method and system based on one-time asymmetric key pair and QKD | |
US11874935B2 (en) | Protecting data from brute force attack | |
Rezaeighaleh et al. | New secure approach to backup cryptocurrency wallets | |
CN113630416A (en) | Secret authentication and provisioning | |
US20180219688A1 (en) | Information Transmission Method and Mobile Device | |
CN109543434B (en) | Block chain information encryption method, decryption method, storage method and device | |
CN108881960B (en) | Intelligent camera safety control and data confidentiality method based on identification password | |
CN112383391A (en) | Data security protection method based on data attribute authorization, storage medium and terminal | |
US20240187217A1 (en) | Security encryption method for computer files, security decryption method for computer files, and readable storage medium | |
CN110233729A (en) | A kind of encryption solid-state disk key management method based on PUF | |
CN104243494A (en) | Data processing method | |
TWI476629B (en) | Data security and security systems and methods | |
CN109412795A (en) | A kind of Virtual Intelligent cipher key | |
CN110837634B (en) | Electronic signature method based on hardware encryption machine | |
CN107911221A (en) | The key management method of solid-state disk data safety storage | |
CN109299618B (en) | Quantum-resistant computing cloud storage method and system based on quantum key card | |
Hussien et al. | Scheme for ensuring data security on cloud data storage in a semi-trusted third party auditor | |
Xia et al. | Design of secure FTP system | |
US11784812B1 (en) | Device, system, and method to facilitate secure data transmission, storage and key management |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |