CN111783078A - Android platform security chip control system - Google Patents

Publication number: CN111783078A
Application number: CN202010674830.8A
Authority: CN (China)
Other languages: Chinese (zh)
Inventor: 林靖明
Current Assignee: Datang Terminal Technology Co Ltd
Original Assignee: Datang Terminal Technology Co Ltd
Legal status: Pending
Prior art keywords: security chip, key, ciphertext, security, interface
Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/30 Authentication, i.e. establishing the identity or authorisation of security principals
    • G06F21/45 Structures or tools for the administration of authentication
    • G06F21/46 Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords
    • G06F11/00 Error detection; Error correction; Monitoring
    • G06F11/07 Responding to the occurrence of a fault, e.g. fault tolerance
    • G06F11/08 Error detection or correction by redundancy in data representation, e.g. by using checking codes
    • G06F11/10 Adding special bits or symbols to the coded information, e.g. parity check, casting out 9's or 11's
    • G06F11/1008 Adding special bits or symbols to the coded information, e.g. parity check, casting out 9's or 11's in individual solid state devices
    • G06F11/1044 Adding special bits or symbols to the coded information, e.g. parity check, casting out 9's or 11's in individual solid state devices with specific ECC/EDC distribution
    • G06F21/60 Protecting data
    • G06F21/602 Providing cryptographic facilities or services
    • G06F7/00 Methods or arrangements for processing data by operating upon the order or content of the data handled
    • G06F7/58 Random or pseudo-random number generators
    • G06F7/588 Random number generators, i.e. based on natural stochastic processes
    • G06F8/00 Arrangements for software engineering
    • G06F8/70 Software maintenance or management
    • G06F8/71 Version control; Configuration management


Abstract

The invention provides an Android platform security chip control system comprising a hardware layer module, a hardware adaptation layer module and an application interface layer module. The hardware layer module includes a security chip that is connected to the main chip of the terminal device, is responsible for algorithm operations and data storage, and communicates with the hardware adaptation layer module. The hardware adaptation layer module includes an adaptation program and a device driver; the device driver comprises an SPI device driver and a GPIO device driver, and the adaptation program wraps the hardware communication interface and provides a uniform interface to the upper layer. The application interface layer module includes a secure application interface, which processes the data passed in by user applications by calling the underlying encryption interface.

Description

Android platform security chip control system
Technical Field
The invention relates to the technical field of Android systems, in particular to a control system for a security chip of an Android platform.
Background
Android is a free and open-source operating system based on Linux, used mainly on mobile devices such as smartphones and tablet computers. Its development is led by Google and the Open Handset Alliance, and it has become the largest mobile phone software platform at present.
In recent years, with the rapid development of the Android operating system, industry application software has risen and spread quickly. Information security problems have become more important and more complex, and the security problems of the traditional internet have gradually extended to the mobile internet and even evolved into new security threats.
Industry terminals based on the Android system serve government departments and important sectors of the national economy such as petrochemicals, coal, water conservancy, electric power, railways, roads and aviation. A data leak would cause serious, irrecoverable economic loss to the country and could even affect national security. Protecting industry terminal data is therefore urgent.
At present, some industry applications have introduced security technologies, but most of them use a centralized information encryption scheme in which the security of the key cannot be guaranteed; the security level is low, and leaks through cracking and similar means occur easily. On industry terminals, most applications implement their security operations in software, and from the perspective of overall data security a terminal without hardware security guarantees is always a weak link.
Disclosure of Invention
The object of the present invention is to solve at least one of the technical drawbacks mentioned above.
To this end, the invention aims to provide an Android platform security chip control system.
To achieve this object, an embodiment of the present invention provides an Android platform security chip control system comprising a hardware layer module, a hardware adaptation layer module and an application interface layer module. The hardware layer module includes a security chip that is connected to the main chip of the terminal device, is responsible for algorithm operations and data storage, and communicates with the hardware adaptation layer module; the security chip stores a public key and a private key for encrypting and decrypting data. The hardware adaptation layer module includes an adaptation program and a device driver; the device driver comprises an SPI device driver and a GPIO device driver, and the adaptation program wraps the hardware communication interface and provides a uniform interface to the upper layer. The application interface layer module includes a secure application interface, which processes the data passed in by user applications by calling the underlying encryption interface.
Further, the main chip of the terminal device supplies power to the security chip through a Vcc pin, resets the security chip through an RST pin and exchanges data with the security chip through an SPI (Serial Peripheral Interface); the security chip feeds back its current working state to the terminal device through a GPIO (general-purpose input/output) interface.
Further, the security chip does not support export or backup of private keys.
Further, the security chip encrypts and decrypts the stored data as follows:
Encryption process: a random number is generated by the security chip; the plaintext from the security application is encrypted with SM4 under the session key from the security chip to generate ciphertext b; the session key is encrypted with SM2 under the public key from the security chip to generate ciphertext a; an SM3 hash operation is performed on ciphertext a and ciphertext b to generate ciphertext c; ciphertext a, ciphertext b and ciphertext c are then combined into the ciphertext combination a + b + c, which is the final encrypted ciphertext.
Decryption process: ciphertext a in the ciphertext combination a + b + c is decrypted with SM2 using the private key to obtain the session key; ciphertext b is decrypted with SM4 using the session key to obtain the plaintext, which is sent to the security application; an SM3 hash operation is performed on ciphertext a + b to generate ciphertext c', and ciphertext c is compared with ciphertext c'.
Further, the SM2 asymmetric-key cryptographic algorithm is designed on the principles of the ECC algorithm and is implemented by a combination of the SM2 hardware engine and software; the SM4 cryptographic algorithm is a symmetric algorithm whose security has been verified, and it is implemented by a hardware engine of the security chip; the SM3 cryptographic algorithm is a hash algorithm implemented by a hardware engine of the security chip.
Further, the security chip generates random numbers through a true random number generator, a linear feedback shift register and an SM4 post-processor; the true random number generator continuously generates a 1-bit true random sequence as the seed of the linear feedback shift register, and the SM4 post-processor generates post-processed random numbers using the SM4 operation.
Further, the security chip stores two types of keys: a system key and a user key.
The system key is stored in the memory of the security chip as ciphertext and is operated on through a file index. During authentication, the actual authentication key is derived from the authentication key stored as ciphertext in the security chip and is held in the RAM inside the security chip; the authentication key file in RAM cannot be read out and only takes part in operations during its life cycle. After the operation has been executed, the authentication key in RAM is set to zero and cleared.
The user key includes the user's SM2 key pair and SM4 encryption/decryption key. The SM2 public key and private key are stored in the corresponding memory of the security chip; the SM4 encryption/decryption key must be supplied by the application and is held in the RAM of the security chip. The encryption/decryption key file in RAM cannot be read out and only takes part in operations during its life cycle, and the key in RAM is set to zero and cleared after the operation has been executed.
Further, before the terminal device formally uses the security chip, it performs firmware detection and automatic firmware download on the security chip at startup. The security chip leaves the factory with only boot firmware preset, and the service-related application firmware must be downloaded or updated automatically when the terminal device starts, as follows:
the software in the terminal device presets a security chip firmware file and the corresponding firmware version number attribute;
after the terminal device starts, it reads the firmware version number of the security chip and, if the version number obtained is null or differs from the preset version number, downloads the preset security chip firmware.
Further, the service provided by the security chip runs as an Android framework system service that stays resident in the system background, provides an encryption/decryption interface and a key management interface for security applications, and connects to the HAL layer through JNI.
According to the Android platform security chip control system provided by the embodiment of the invention, the security chip is integrated on the industry terminal, a security operation interface is opened to provide security services for third-party security applications in accordance with the relevant policies and specifications of the State Cryptography Administration, and sensitive industry data and important files are encrypted through the security chip, so the data security of industry users can be effectively protected. In addition, the user key is stored in the security chip and the private key cannot be read out, which ensures the storage security of the user key. The invention communicates with the security chip at high speed over the full-duplex, synchronous SPI communication bus, provides security operation requests and data transmission and reception at the hardware adaptation layer, and provides a development interface for security applications at the system service layer. Through the security interface, a third-party application can perform operations such as key pair generation, public key import and export, key exchange, true random number generation and acquisition, and data encryption and decryption. Encrypting the user data protects the user's data at the source. Different session keys are used for different encrypted data and files; each session key is generated from a true random number produced by the security chip, so that a one-time pad can be achieved, which improves security. The private key is stored in the security chip and cannot be read out, which ensures the security of the user key.
Additional aspects and advantages of the invention will be set forth in part in the description which follows and, in part, will be obvious from the description, or may be learned by practice of the invention.
Drawings
The above and/or additional aspects and advantages of the present invention will become apparent and readily appreciated from the following description of the embodiments, taken in conjunction with the accompanying drawings of which:
FIG. 1 is a structural diagram of an Android platform security chip control system according to an embodiment of the present invention;
FIG. 2 is a schematic diagram of a security chip interacting with a terminal device interface according to an embodiment of the present invention;
FIG. 3 is a flowchart illustrating encryption and decryption of a security chip according to an embodiment of the present invention;
FIG. 4 is a block diagram of a circuit for interaction between a security chip and a terminal device according to an embodiment of the present invention;
FIG. 5 is a circuit diagram of a security chip according to an embodiment of the present invention;
FIG. 6 is a block flow diagram of random number generation according to an embodiment of the present invention;
FIG. 7a and FIG. 7b are flow charts of the SM2 algorithm self-test according to an embodiment of the present invention;
FIG. 8 is a flow chart of the SM3 algorithm self-test according to an embodiment of the present invention;
FIG. 9a and FIG. 9b are flow charts of the SM4 algorithm self-test according to an embodiment of the present invention;
FIG. 10 is a flow chart of random number self-check according to an embodiment of the present invention;
FIG. 11 is a flow diagram of creating an SM2 key pair according to an embodiment of the present invention;
FIG. 12 is an SM2 encryption flow diagram according to an embodiment of the present invention;
FIG. 13 is an SM2 decryption flow diagram according to an embodiment of the present invention;
FIG. 14 is a flow chart of SM3 hash calculation according to an embodiment of the present invention;
FIG. 15 is an SM4 encryption flow diagram according to an embodiment of the present invention;
FIG. 16 is an SM4 decryption flow diagram according to an embodiment of the present invention.
Detailed Description
Reference will now be made in detail to embodiments of the present invention, examples of which are illustrated in the accompanying drawings, wherein the same or similar reference numerals refer throughout to the same or similar elements or to elements having the same or similar function. The embodiments described below with reference to the drawings are exemplary, are intended to explain the invention, and are not to be construed as limiting it.
In the Android platform security chip control system, the security chip device is connected to the main chip of the terminal device. Referring to FIG. 4, the main chip of the terminal device (for example a mobile phone running the Android platform) supplies power to the security chip through a Vcc pin, resets the security chip through an RST pin and exchanges data (data writing and data reading) with the security chip through an SPI interface; the security chip feeds back its current working state (Ready/busy) to the terminal device through a GPIO interface. FIG. 5 is a circuit diagram of the security chip employed in the present invention.
With this approach, the Android terminal uses the security chip to encrypt and decrypt application data, which protects the security of user data; the security chip generates the asymmetric key and the private key cannot be read out, which ensures the storage security of the user key; the terminal communicates with the security chip at high speed over the full-duplex synchronous SPI communication bus, and security operation requests and data transmission and reception are provided at the hardware adaptation layer.
Through the security interface, a third-party application can perform operations such as key pair generation, public key import and export, true random number generation and acquisition, and data encryption and decryption. Because the security operations are completed inside the chip, information security during communication can be ensured.
Referring to FIG. 1 and FIG. 2, the Android platform security chip control system includes a hardware layer module, a hardware adaptation layer module and an application interface layer module.
Specifically, the hardware layer module includes a security chip that is connected to the main chip of the terminal device, is responsible for algorithm operations and data storage, and communicates with the hardware adaptation layer module; the security chip stores a public key and a private key for encrypting and decrypting data. The hardware interface comprises an SPI bus interface and a GPIO interface.
It should be noted that the private key stored in the security chip does not support export or backup, but can be updated and destroyed.
Referring to FIG. 2, the service provided by the security chip runs as an Android framework system service that stays resident in the system background, provides an encryption/decryption interface and a key management interface for security applications, and connects to the HAL (Hardware Abstraction Layer) through JNI (Java Native Interface).
Security chip hardware adaptation layer: an independent adaptation-layer software module that implements control of, and data exchange with, the security chip. It provides, through JNI, functions that correspond one-to-one with the application interfaces, and exchanges data with the security chip through SPI (Serial Peripheral Interface).
The hardware adaptation layer module includes an adaptation program and a device driver. The device driver comprises an SPI device driver and a GPIO device driver and is responsible for communicating with the security chip; the adaptation program wraps the hardware communication interface and provides a uniform interface to the upper layer.
The terminal device communicates with the security chip at high speed over the SPI communication bus, provides security operation requests and data transmission and reception at the hardware adaptation layer, and provides a development interface for security applications at the system service layer.
The application interface layer module includes a secure application interface, which processes the data passed in by user applications by calling the underlying encryption interface. This processing includes functions such as encrypting, decrypting, signing and verifying the data passed in by user applications; the module also provides an asymmetric key management interface, for example key pair generation and public key import and export.
Specifically, as shown in FIG. 3, the security chip encrypts and decrypts the stored data as follows:
A) Encryption process: a random number is generated by the security chip; the plaintext from the security application is encrypted with SM4 under the session key from the security chip to generate ciphertext b; the session key is encrypted with SM2 under the public key from the security chip to generate ciphertext a; an SM3 hash operation is performed on ciphertext a and ciphertext b to generate ciphertext c; ciphertext a, ciphertext b and ciphertext c are combined into the ciphertext combination a + b + c, which is used as the final encrypted ciphertext. FIG. 11 is a flow diagram of creating an SM2 key pair according to an embodiment of the present invention; FIG. 12 is an SM2 encryption flow diagram according to an embodiment of the present invention. FIG. 14 is a flow chart of SM3 hash calculation according to an embodiment of the present invention. FIG. 15 is an SM4 encryption flow diagram according to an embodiment of the present invention.
The random number generation process is explained below with reference to FIG. 6.
In an embodiment of the invention, the true random number is obtained through the genRandom function. The terminal device generates the true random number using the true random number module of the SSX1627 security chip, which is certified by the State Cryptography Administration; the true random number is used as a key for encryption and decryption calculation or for application calculation.
The security chip generates random numbers through a true random number generator, a linear feedback shift register and an SM4 post-processor. The true random number generator continuously generates a 1-bit true random sequence as the seed of the linear feedback shift register. The generating polynomial of the linear feedback shift register is $x^{128}+x^{7}+x^{2}+x+1$, as shown in FIG. 6. The SM4 post-processor generates post-processed random numbers using the SM4 operation.
(1) The RANDOM module control register is set by the CPU and controls the start-up and enabling of the high-frequency oscillator and the low-frequency oscillator;
(2) trng_en0, trng_en1, trng_en2 and trng_en3 are the enable signals of the four physical random sources; the random sequences generated by the four independent physical random sources are XORed to form the input of the digital post-processing part;
(3) trng_clk: the low-frequency 5 MHz clock, generated by an oscillation source with jitter, is the low-frequency sampling clock of the four physical random source generators; the linear feedback shift register is also stepped by this clock while the seed is being loaded;
(4) trng_out: the XOR of the outputs of the four physical random sources, used as the physical random source output interface; this signal is the input signal for random number generation;
(5) the online detection module uses two detection methods, poker detection and complete failure detection; random bits that pass online detection can be used as the seed of the linear feedback shift register;
(6) the generating polynomial of the LFSR is the primitive polynomial $x^{128}+x^{7}+x^{2}+x+1$;
(7) ini_en: used for setting the feedback control bit of the LFSR;
(8) shf_en: the control bit for normal LFSR stepping; '1' is valid;
(9) D: the input of the LFSR and the output of the selector MUX1. When the control bit ini_en is 1, the seed-setting stage is in progress and D is equal to the output of the physical random source; when the control bit ini_en is 0 and shf_en is 1, the LFSR is in its normal stepping stage and D is equal to the output of the physical random source or the feedback bit generated by the LFSR;
(10) EN: the LFSR enable bit; '1' is valid. It is asserted in both the seed-setting stage and the normal stepping stage of the LFSR, and therefore equals ini_en OR shf_en;
(11) CLK: the step clock of the LFSR, equal to the low-frequency 5 MHz clock trng_clk;
(12) Post-processed random numbers are generated by the SM4 operation. First, the SM4 key and IV vector are initialized: the m-sequence is started twice to obtain two 128-bit random numbers, one used as the key of the SM4 algorithm and the other as the IV vector of the SM4 algorithm. The SM4 algorithm is then called in a loop: the m-sequence is started to obtain a 128-bit random number, which is XORed with the IV vector to obtain the SM4 plaintext; the SM4 operation is started and the resulting 128-bit ciphertext is output as a random number. The m-sequence is started again to obtain a 128-bit random number, which is XORed with the ciphertext from the previous SM4 operation to obtain the SM4 plaintext; the SM4 operation is started and the resulting 128-bit ciphertext is output as a random number. These steps are repeated until random numbers of the required length have been obtained.
(13) The post-processed random numbers generated by the SM4 operation undergo single-bit frequency detection; if they pass, the random numbers are output, and if they do not pass, the random numbers are not output and an error is reported.
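The seed-setting and stepping control of items (6) to (11), as an added C example that is not code from the patent. The tap placement for $x^{128}+x^{7}+x^{2}+x+1$, the shift direction, and reading D in the stepping stage as the feedback bit only are assumptions of this example; the seeds are constructed, and the all-zero seed shows why seed bits have to pass online detection first.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* 128-bit register: bit 127 (MSB of hi) is the oldest bit, bit 0 the newest. */
typedef struct { uint64_t hi, lo; } lfsr128;

/* Feedback for x^128 + x^7 + x^2 + x + 1, i.e. the recurrence
 * a[n+128] = a[n+7] ^ a[n+2] ^ a[n+1] ^ a[n]. With the newest bit at
 * position 0 these terms sit at bits 120, 125, 126 and 127 (assumed layout). */
static unsigned lfsr_feedback(const lfsr128 *s)
{
    uint64_t h = s->hi;
    return (unsigned)((h >> 63) ^ (h >> 62) ^ (h >> 61) ^ (h >> 56)) & 1u;
}

/* One trng_clk edge. MUX1 selects D; EN = ini_en OR shf_en gates the shift. */
void lfsr_clock(lfsr128 *s, unsigned ini_en, unsigned shf_en, unsigned trng_out)
{
    unsigned en = (ini_en | shf_en) & 1u;
    unsigned d;
    if (!en)
        return;                                /* EN = 0: register holds */
    d = (ini_en & 1u) ? (trng_out & 1u)        /* seed-setting stage */
                      : lfsr_feedback(s);      /* normal stepping stage */
    s->hi = (s->hi << 1) | (s->lo >> 63);
    s->lo = (s->lo << 1) | d;
}

/* Load a 128-bit seed MSB-first: 128 clocks with ini_en = 1. */
void lfsr_load_seed(lfsr128 *s, const uint8_t seed[16])
{
    size_t i;
    for (i = 0; i < 128; i++)
        lfsr_clock(s, 1, 0, (unsigned)(seed[i / 8] >> (7 - i % 8)) & 1u);
}

/* Step n times with shf_en = 1. */
void lfsr_step(lfsr128 *s, size_t n)
{
    while (n--)
        lfsr_clock(s, 0, 1, 0);
}

/* Constructed seeds for demonstration only. */
static const uint8_t SEED_ZERO[16] = { 0 };
static const uint8_t SEED_MSB[16]  = { 0x80 };   /* a single 1 in bit 127 */

/* An all-zero seed locks the LFSR: every feedback bit is 0 forever. */
int demo_zero_seed_stuck(void)
{
    lfsr128 s = { 0, 0 };
    lfsr_load_seed(&s, SEED_ZERO);
    lfsr_step(&s, 1000);
    return s.hi == 0 && s.lo == 0;
}

/* State after loading SEED_MSB and stepping; returns hi or lo half. */
uint64_t demo_msb_seed(size_t steps, int want_hi)
{
    lfsr128 s = { 0, 0 };
    lfsr_load_seed(&s, SEED_MSB);
    lfsr_step(&s, steps);
    return want_hi ? s.hi : s.lo;
}

/* With ini_en = shf_en = 0 a clock edge must not change the register. */
int demo_hold(void)
{
    lfsr128 s = { 0, 0 };
    lfsr_load_seed(&s, SEED_MSB);
    lfsr_clock(&s, 0, 0, 1);
    return s.hi == 0x8000000000000000ULL && s.lo == 0;
}

int main(void)
{
    printf("zero seed stuck: %d\n", demo_zero_seed_stuck());
    printf("after 122 steps: hi=%016llx lo=%016llx\n",
           (unsigned long long)demo_msb_seed(122, 1),
           (unsigned long long)demo_msb_seed(122, 0));
    return 0;
}
```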
B) Decryption process: ciphertext a in the ciphertext combination a + b + c is decrypted with SM2 using the private key to obtain the session key; ciphertext b is decrypted with SM4 using the session key to obtain the plaintext, which is sent to the security application; an SM3 hash operation is performed on ciphertext a + b to generate ciphertext c', and ciphertext c is compared with ciphertext c' to determine the integrity of the information. FIG. 13 is an SM2 decryption flow diagram according to an embodiment of the present invention. FIG. 16 is an SM4 decryption flow diagram according to an embodiment of the present invention.
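The integrity step of the a + b + c format (c is the SM3 hash over a and b, recomputed as c' and compared on decryption), as an added C example with its own SM3 routine; it is not code from the patent. Treating the ciphertext as the plain concatenation a || b || c with c in the last 32 bytes is an assumption, the sample bytes are constructed, and the known-answer check follows the style of the SM3 self-test flow.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define SM3_LEN 32

static uint32_t rotl(uint32_t x, unsigned n) { n &= 31; return n ? (x << n) | (x >> (32 - n)) : x; }
static uint32_t p0(uint32_t x) { return x ^ rotl(x, 9) ^ rotl(x, 17); }
static uint32_t p1(uint32_t x) { return x ^ rotl(x, 15) ^ rotl(x, 23); }

/* SM3 compression of one 64-byte block into the chaining value v. */
static void sm3_block(uint32_t v[8], const uint8_t *p)
{
    uint32_t w[68], r[8];
    int j;
    for (j = 0; j < 16; j++)
        w[j] = ((uint32_t)p[4*j] << 24) | ((uint32_t)p[4*j+1] << 16) |
               ((uint32_t)p[4*j+2] << 8) | (uint32_t)p[4*j+3];
    for (j = 16; j < 68; j++)
        w[j] = p1(w[j-16] ^ w[j-9] ^ rotl(w[j-3], 15)) ^ rotl(w[j-13], 7) ^ w[j-6];
    memcpy(r, v, sizeof r);
    for (j = 0; j < 64; j++) {
        uint32_t t   = j < 16 ? 0x79cc4519u : 0x7a879d8au;
        uint32_t a12 = rotl(r[0], 12);
        uint32_t ss1 = rotl(a12 + r[4] + rotl(t, (unsigned)j), 7);
        uint32_t ff  = j < 16 ? (r[0] ^ r[1] ^ r[2])
                              : ((r[0] & r[1]) | (r[0] & r[2]) | (r[1] & r[2]));
        uint32_t gg  = j < 16 ? (r[4] ^ r[5] ^ r[6]) : ((r[4] & r[5]) | (~r[4] & r[6]));
        uint32_t tt1 = ff + r[3] + (ss1 ^ a12) + (w[j] ^ w[j+4]);
        uint32_t tt2 = gg + r[7] + ss1 + w[j];
        r[3] = r[2]; r[2] = rotl(r[1], 9);  r[1] = r[0]; r[0] = tt1;
        r[7] = r[6]; r[6] = rotl(r[5], 19); r[5] = r[4]; r[4] = p0(tt2);
    }
    for (j = 0; j < 8; j++) v[j] ^= r[j];
}

/* SM3 digest of msg[0..len) with the standard big-endian length padding. */
void sm3(const uint8_t *msg, size_t len, uint8_t out[SM3_LEN])
{
    uint32_t v[8] = { 0x7380166fu, 0x4914b2b9u, 0x172442d7u, 0xda8a0600u,
                      0xa96f30bcu, 0x163138aau, 0xe38dee4du, 0xb0fb0e4eu };
    uint8_t tail[128] = { 0 };
    size_t rem = len % 64, tlen = rem < 56 ? 64 : 128, i;
    uint64_t bits = (uint64_t)len * 8;
    for (i = 0; i + 64 <= len; i += 64) sm3_block(v, msg + i);
    memcpy(tail, msg + i, rem);
    tail[rem] = 0x80;
    for (i = 0; i < 8; i++) tail[tlen - 1 - i] = (uint8_t)(bits >> (8 * i));
    for (i = 0; i < tlen; i += 64) sm3_block(v, tail + i);
    for (i = 0; i < SM3_LEN; i++) out[i] = (uint8_t)(v[i / 4] >> (24 - 8 * (i % 4)));
}

/* Write c = SM3(a || b) after the ab_len bytes in env; returns total length. */
size_t envelope_append_c(uint8_t *env, size_t ab_len)
{
    sm3(env, ab_len, env + ab_len);
    return ab_len + SM3_LEN;
}

/* Recompute c' over a || b and compare it with the trailing c without an
 * early exit. Returns 1 when c' == c, 0 otherwise (including short input). */
int envelope_check(const uint8_t *env, size_t n)
{
    uint8_t c2[SM3_LEN];
    unsigned diff = 0;
    size_t i;
    if (n <= SM3_LEN) return 0;
    sm3(env, n - SM3_LEN, c2);
    for (i = 0; i < SM3_LEN; i++) diff |= (unsigned)(c2[i] ^ env[n - SM3_LEN + i]);
    return diff == 0;
}

/* Known-answer test: the standard SM3 digest of "abc". */
int sm3_selftest(void)
{
    static const uint8_t want[SM3_LEN] = {
        0x66,0xc7,0xf0,0xf4,0x62,0xee,0xed,0xd9,0xd1,0xf2,0xd4,0x6b,0xdc,0x10,0xe4,0xe2,
        0x41,0x67,0xc4,0x87,0x5c,0xf2,0xf7,0xa2,0x29,0x7d,0xa0,0x2b,0x8f,0x4b,0xa8,0xe0 };
    uint8_t got[SM3_LEN];
    sm3((const uint8_t *)"abc", 3, got);
    return memcmp(got, want, SM3_LEN) == 0;
}

/* Constructed stand-in for a || b; not real SM2/SM4 output. */
static const char SAMPLE_AB[] = "constructed-a|constructed-b";

/* Build a || b || c, optionally flip one bit of b, optionally redo c, check. */
int demo_check(int flip_bit, int redo_c)
{
    uint8_t env[sizeof SAMPLE_AB - 1 + SM3_LEN];
    size_t ab = sizeof SAMPLE_AB - 1, n;
    memcpy(env, SAMPLE_AB, ab);
    n = envelope_append_c(env, ab);
    if (flip_bit) env[ab - 1] ^= 0x01;
    if (redo_c) envelope_append_c(env, ab);  /* c is unkeyed: it is not a MAC */
    return envelope_check(env, n);
}

int main(void) { return !(sm3_selftest() && demo_check(0, 0) && !demo_check(1, 0)); }
```

Because c is an unkeyed hash, the comparison detects corruption in storage or transit but does not show who produced the ciphertext, which is what the `demo_check(1, 1)` case returns 1 for.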
In the embodiment of the invention, the SM2 asymmetric-key cryptographic algorithm is designed on the principles of the ECC algorithm and is implemented by a combination of the SM2 hardware engine and software; the SM4 cryptographic algorithm is a symmetric algorithm whose security has been verified, and it is implemented by a hardware engine of the security chip; the SM3 cryptographic algorithm is a hash algorithm implemented by a hardware engine of the security chip.
The self-test flows of the SM2 algorithm, the SM3 algorithm, the SM4 algorithm and random number generation are described below in turn.
(1) SM2 self-test flow
The public/private key pair, ciphertext data and plaintext data needed by the SM2 algorithm unit are preset in the security chip for the algorithm self-test. SM2 encryption and decryption operations are then performed and the data obtained is compared with the preset data; if the results match, the SM2 algorithm self-test is normal, otherwise a fault is reported. The specific process is shown in FIG. 7a and FIG. 7b.
(2) SM3 self-test flow
The preset data and corresponding hash value needed by the SM3 algorithm unit are preset in the security chip for the algorithm self-test. The SM3 hash operation is then performed and the data obtained is compared with the preset data; if the results match, the SM3 algorithm self-test is normal, otherwise a fault is reported. The specific process is shown in FIG. 8.
(3) SM4 self-test flow
The key, ciphertext data and plaintext data needed by the SM4 algorithm unit are preset in the security chip for the algorithm self-test. SM4 encryption and decryption operations are then performed and the data obtained is compared with the preset data; if the results match, the SM4 algorithm self-test is normal, otherwise a fault is reported. The specific process is shown in FIG. 9a and FIG. 9b.
(4) Random number module self-test flow
The random number self-test methods are complete failure detection and poker detection.
Complete failure detection checks whether a long run of consecutive 0s or 1s appears in the output of the analog random source; if the analog random source outputs 48 consecutive bits of 0 or of 1, the circuit generates an alarm signal indicating that the analog random number source has failed. The circuit monitors the output of the analog random source continuously, using two counters to count runs of consecutive 1s and consecutive 0s respectively; a counter starts counting when consecutive 1s or 0s are sampled and is cleared when the run is broken. If a counter reaches 48, an alarm signal is generated indicating that the random number module has failed.
Poker detection divides the generated 128 bits of random data into 32 groups of 4 bits, counts how many of the 32 groups take each of the possible values 0, 1, 2, ..., 15, and records the count for each value as $N_i$ ($i = 0, 1, 2, \ldots, 15$). The value of each $N_i^2$ is obtained from a lookup table and the values of $N_i^2$ are accumulated; the accumulated value is compared with a set threshold. If the accumulated value is larger than the set threshold, poker detection is judged to have passed; otherwise the random number module is judged to have failed. The specific random number module self-test process is shown in FIG. 10.
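The two online checks described above, as an added C example that is not code from the patent. The page gives no threshold value for the poker sum, so the bounds are caller-supplied parameters and the two-sided window is an assumption of this example; all sample streams and blocks are constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define RUN_LIMIT 48u   /* from the page: alarm at 48 consecutive equal bits */

/* Complete failure detector: one run counter per bit value, latched alarm. */
typedef struct { unsigned run0, run1; int alarm; } fail_det;

int fail_det_feed(fail_det *d, unsigned bit)
{
    if (bit & 1u) { d->run1++; d->run0 = 0; }   /* a 1 breaks any run of 0s */
    else          { d->run0++; d->run1 = 0; }   /* a 0 breaks any run of 1s */
    if (d->run0 >= RUN_LIMIT || d->run1 >= RUN_LIMIT)
        d->alarm = 1;
    return d->alarm;
}

/* Feed nbits bits MSB-first. Returns the 1-based index of the bit that
 * raised the alarm, or 0 if the stream never trips it. */
size_t first_alarm_bit(const uint8_t *buf, size_t nbits)
{
    fail_det d = { 0, 0, 0 };
    size_t i;
    for (i = 0; i < nbits; i++)
        if (fail_det_feed(&d, (unsigned)(buf[i / 8] >> (7 - i % 8)) & 1u))
            return i + 1;
    return 0;
}

/* Poker statistic for one 128-bit block: split into 32 nibbles, count each
 * of the 16 values as N_i, and accumulate N_i^2 through a lookup table. */
unsigned poker_sum_sq(const uint8_t block[16])
{
    static const uint16_t sq[33] = {
          0,   1,   4,   9,  16,  25,  36,  49,  64,  81, 100,
        121, 144, 169, 196, 225, 256, 289, 324, 361, 400, 441,
        484, 529, 576, 625, 676, 729, 784, 841, 900, 961, 1024 };
    unsigned n[16] = { 0 }, sum = 0;
    size_t i;
    for (i = 0; i < 16; i++) { n[block[i] >> 4]++; n[block[i] & 0x0f]++; }
    for (i = 0; i < 16; i++) sum += sq[n[i]];
    return sum;
}

/* The sum ranges from 64 (every value exactly twice) to 1024 (one value
 * 32 times). lo and hi are assumptions; the page names a threshold only. */
int poker_in_window(unsigned sum, unsigned lo, unsigned hi)
{
    return sum > lo && sum < hi;
}

/* Constructed sample data. */
const uint8_t STREAM_STUCK[6] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF };
const uint8_t STREAM_NEAR[12] = { 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFE,   /* 47 ones, one 0 */
                                  0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF }; /* then 48 ones   */
const uint8_t STREAM_ALT[16]  = { 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55,
                                  0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55, 0x55 };
const uint8_t BLOCK_EVEN[16]   = { 0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF,
                                   0x01, 0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF };
const uint8_t BLOCK_STUCK[16]  = { 0 };
const uint8_t BLOCK_SKEWED[16] = { 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11, 0x11,
                                   0x23, 0x45, 0x67, 0x89, 0xAB, 0xCD, 0xEF, 0x00 };

int main(void)
{
    printf("stuck stream alarm at bit %zu\n", first_alarm_bit(STREAM_STUCK, 48));
    printf("near-miss stream alarm at bit %zu\n", first_alarm_bit(STREAM_NEAR, 96));
    printf("poker sums: even=%u stuck=%u skewed=%u\n", poker_sum_sq(BLOCK_EVEN),
           poker_sum_sq(BLOCK_STUCK), poker_sum_sq(BLOCK_SKEWED));
    return 0;
}
```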
The security chip of the embodiment of the invention provides a data storage function with the following mechanisms:
(1) FLASH erase/write protection mechanism
The FLASH memory of the security chip has an erase/write protection mechanism that prevents the FLASH from being erased or written by mistake when the power supply is unstable, in extreme application environments, or under interference from an attack. A FLASH erase or write operation must supply a specific sequence for the requester to be treated as a legitimate user. The FLASH memory can be read before the specific sequence is used, i.e. before the user is authenticated and identified; it can be written and erased only after the specific sequence is used, i.e. after the user has been authenticated and identified.
When the SDP function, namely the erase/write protection function, is enabled, valid write and erase operations can be carried out only when software inputs the specific SDP sequence; if the SDP sequence is wrong, the operation is terminated. The 2-byte sequence must be input for both write and erase operations and controls the start of the operation. This effectively prevents abnormal write and erase operations and prevents the FLASH from being illegally rewritten or erased.
(2) ECC checking mechanism
Both the RAM and the FLASH of the security chip have an ECC check function. One check bit is generated for every 8 bits of data, and when an error is detected in data read from the memory, an ECC exception interrupt is generated.
(3) Ciphertext storage mechanism
Data stored in the FLASH and RAM of the security chip is encrypted before it is stored and decrypted after it is read out. Because the data bus is encrypted, data that an attacker obtains by probing the memory is meaningless. The processing speed must be high so that normal operation of the chip is not affected; therefore a dynamic encryption mechanism that can be controlled by the CPU is adopted.
The memory data encryption and decryption module sits between the kernel and the on-chip memory and has two main functions: first, data Din output by the kernel is encrypted and then stored in the memory; second, data Dout output by the memory is decrypted and then sent to the kernel module.
$ED$ denotes data encryption, $ED^{-1}$ denotes data decryption, and $K$ (KEY) denotes the key.
1) Encryption process:
When the CPU writes data $d$ into the storage unit corresponding to address $a$, the encrypted data is $d' = ED(K, a, d)$.
2) Decryption process:
When the CPU reads the data $d'$ in the storage unit corresponding to address $a$, the decryption operation $d = ED^{-1}(K, a, d')$ is performed and the resulting $d$ is sent to the CPU.
In the embodiment of the present invention, two types of keys are stored in the security chip: a system key and a user key.
Specifically, the system key is stored in a memory of the security chip as ciphertext and is operated on through a file index. During authentication, the actual authentication key is derived from the authentication key that the security chip stores as ciphertext and is placed in the RAM inside the security chip. The authentication key file in the RAM cannot be read out and only takes part in operations within its life cycle; after the operation is executed, the authentication key in the RAM is set to zero and cleared.
The user key includes the user's SM2 key pair and SM4 encryption and decryption key. The SM2 public key and private key are stored in the corresponding memory of the security chip. The SM4 encryption and decryption key must be input by the application and is stored in the RAM of the security chip; the encryption and decryption key file in the RAM cannot be read out and only takes part in operations within its life cycle, and the key in the RAM is set to zero and cleared after the operation is executed.
In another embodiment of the present invention, before the security chip is formally used, the terminal device performs firmware detection on the security chip and automatically downloads firmware at start-up. Only boot firmware is preset when the security chip leaves the factory; the service-related application firmware must be automatically downloaded or updated when the terminal starts up. This includes the following steps:
Software in the terminal device presets a security chip firmware file and a corresponding firmware version number attribute.
After the terminal device starts up, it detects the firmware version number of the security chip and downloads the preset security chip firmware if the obtained firmware version number is null (no application firmware) or differs from the preset version number.
The invention can realize: automatic downloading of the security chip firmware; data encryption, decryption and signature verification by the security chip; and key management for the security chip.
In the invention, the security chip firmware is downloaded automatically, and data encryption, decryption and signature verification are carried out by the security chip. High-speed communication with the security chip takes place over the full-duplex, synchronous SPI communication bus; the hardware adaptation layer provides secure operation requests and data transmission and reception; and the system service layer provides a development interface for security applications.
The following describes the interaction flow between the security application and the security chip of the present invention.
The direct interaction between the security application and the security chip is divided into three main steps: request processing, internal module processing, and result feedback. The processing request is assembled in the hardware adaptation layer into the corresponding protocol format and sent to the security chip through the SPI interface. After receiving the processing request, the security chip calls the corresponding algorithm engine to complete the operation, then packages the result in the specified format and transmits it to the security application, which completes one operation flow.
The main interfaces are:
(1) Device and information
Call the connectDev function to connect the device; a return value of true indicates that the security chip is working normally. If the device will not be used for a long time, the disConnectDev function should be called promptly to disconnect the device and release system resources. Device information and software version information are obtained by calling the getDevInfo and getVersion functions.
(2) Random number generation
A true random number is obtained through the genRandom function.
(3) Asymmetric key algorithm
The interface supports key pair generation, public key encryption, private key decryption, signing, signature verification, user ID import, public key import and export, and public key deletion. Asymmetric keys are comparatively long, and the asymmetric algorithm is generally used to encrypt and decrypt a session key (symmetric key).
Call the genSM2KeyPair function to generate a key pair. The key pair is stored in the security chip; the private key cannot be exported, and the public key can be exported.
Call the encryptSM2 function to encrypt data with the public key, and the decryptSM2 function to decrypt data with the private key. User ID data is imported with importUserID; exportSM2PublicKey exports the public key and importSM2PublicKey imports a public key. Call the singSM2 function to digitally sign plaintext information and the verifySM2 function to verify a digital signature; the user ID must be imported before signing and verifying. The public key is deleted with the deleteSM2PublicKey function.
(4) Hash operation
The SM3 calculation is initialized through the initSM3 function, data is fed in with the updateSM3 function, and the final SM3 hash value is obtained with the digestSM3 function.
(5) Symmetric key algorithm
Encryption and decryption must use the same key. The symmetric algorithm is generally used to encrypt and decrypt memory data and files, and its encryption and decryption speed is high. The initSM4 function initializes the operation and determines the encryption or decryption direction and the operation mode, the updateSM4 function encrypts or decrypts the data, and the dofinalSM4 function completes the final encryption or decryption operation.
According to the Android platform security chip control system provided by the embodiment of the invention, the security chip is integrated into the industry terminal, and a secure operation interface is opened to provide security services to third-party security applications in accordance with the relevant policies and specifications of the national password administration. Sensitive industry data and important files are encrypted through the security chip, which effectively protects the data security of industry users. In addition, the user key is stored in the security chip and the private key cannot be read out, which ensures the storage security of the user key. The invention communicates with the security chip at high speed over the full-duplex, synchronous SPI communication bus, provides secure operation requests and data transmission and reception at the hardware adaptation layer, and provides a development interface for security applications at the system service layer. Third-party applications can perform operations such as key pair generation, public key import and export, key exchange, true random number generation and retrieval, and data encryption and decryption through the secure interface. Encrypting user data ensures the security of user data at the source. Different session keys are used for different encrypted data and files, and each session key is generated from a true random number produced by the security chip, so that a one-time pad can be achieved and security is improved. The private key is stored in the security chip and cannot be read out, which ensures the security of the user key.
The terminal device provides third-party applications with an open secure operation platform and a rich, complete set of system call interfaces, and provides convenient system integration services for deep customization by industry customers. Third-party applications can perform operations such as key pair generation, public key import and export, key exchange, true random number generation and retrieval, and data encryption and decryption through the secure interface. The end user can encrypt and decrypt text and files through a third-party security application. Because the security operations are completed inside the chip, the user's information security can be guaranteed. The terminal device, as an industry terminal, integrates information security technology into the device and thereby solves the problem of encrypting existing industry software through hardware. The user can encrypt service information, and the core operations are completed in the matching hardware, so information security risk is effectively controlled.
In the description herein, references to the description of the term "one embodiment," "some embodiments," "an example," "a specific example," or "some examples," etc., mean that a particular feature, structure, material, or characteristic described in connection with the embodiment or example is included in at least one embodiment or example of the invention. In this specification, the schematic representations of the terms used above do not necessarily refer to the same embodiment or example. Furthermore, the particular features, structures, materials, or characteristics described may be combined in any suitable manner in any one or more embodiments or examples.
Although embodiments of the present invention have been shown and described above, it is understood that the above embodiments are exemplary and should not be construed as limiting the present invention, and that variations, modifications, substitutions and alterations can be made in the above embodiments by those of ordinary skill in the art without departing from the principle and spirit of the present invention. The scope of the invention is defined by the appended claims and equivalents thereof.

Claims (9)

1. An Android platform security chip control system, characterized by comprising: a hardware layer module, a hardware adaptation layer module, and an application interface layer module, wherein,
the hardware layer module comprises: a security chip, which is connected to a main chip of the terminal device, is responsible for algorithm operations and data storage, and communicates with the hardware adaptation layer module; the security chip stores a public key and a private key for encrypting and decrypting data;
the hardware adaptation layer module comprises: an adaptation program and a device driver, wherein the device driver comprises an SPI device driver and a GPIO device driver, and the adaptation program encapsulates the hardware communication interface and provides a uniform interface to the upper layer;
the application interface layer module comprises: a secure application interface, which processes the data transmitted by the user application by calling the underlying encryption interface.
2. The Android platform security chip control system of claim 1, wherein the main chip of the terminal device supplies power to the security chip through a Vcc pin, resets the security chip through a RST pin, performs data communication with the security chip through an SPI interface, and feeds back a current working state to the terminal device through a GPIO interface.
3. The Android platform security chip control system of claim 1, in which there is no support for export and backup for private keys in the security chip.
4. The Android platform security chip control system of claim 1, wherein the security chip performs data encryption and data decryption on the stored data, comprising:
Encryption process: a random number is generated by the security chip; SM4 is applied to the session key from the security chip and the plaintext from the security application to generate ciphertext b; SM2 is applied to the session key and the public key from the security chip to generate ciphertext a; an SM3 hash operation is carried out on ciphertext a and ciphertext b to generate ciphertext c; ciphertext a, ciphertext b and ciphertext c are then combined into the ciphertext combination a + b + c, which is the final encrypted ciphertext;
Decryption process: ciphertext a in the ciphertext combination a + b + c is decrypted with the private key using SM2 to obtain the session key; ciphertext b is decrypted with the session key using SM4 to obtain the plaintext, which is sent to the security application; an SM3 hash operation is carried out on ciphertext a + b to generate ciphertext c', and ciphertext c is compared with ciphertext c'.
5. The Android platform security chip control system of claim 4, wherein the asymmetric key SM2 cryptographic algorithm is designed on the principle of the ECC algorithm and is implemented jointly by the hardware engine and software of the SM2 algorithm; the SM4 cryptographic algorithm is a symmetric algorithm whose security has been verified and is implemented by a hardware engine of the security chip; the SM3 cryptographic algorithm is a hash algorithm implemented by a hardware engine of the security chip.
6. The Android platform security chip control system of claim 4, wherein the security chip generates random numbers through a true random number generator, a linear feedback shift register, and an SM4 post-processor, wherein the true random number generator constantly generates a 1-bit true random sequence as a seed for the linear feedback shift register; the SM4 post-processor generates post-processing random numbers by adopting SM4 arithmetic operation.
7. The Android platform security chip control system of claim 1, wherein the security chip stores two types of keys, including: a system key and a user key, wherein,
the system key is stored in a memory of the security chip as ciphertext and is operated on through a file index; during authentication, the actual authentication key is derived from the authentication key that the security chip stores as ciphertext and is placed in the RAM inside the security chip; the authentication key file in the RAM cannot be read out and only takes part in operations within its life cycle; after the operation is executed, the authentication key in the RAM is set to zero and cleared;
the user key includes: the user's SM2 key pair and SM4 encryption and decryption key, wherein the SM2 public key and private key are stored in a corresponding memory of the security chip; the SM4 encryption and decryption key must be input by the application and is stored in the RAM of the security chip; the encryption and decryption key file in the RAM cannot be read out and only takes part in operations within its life cycle; and the encryption and decryption key in the RAM is set to zero and cleared after the operation is executed.
8. The Android platform security chip control system of claim 1, wherein the terminal device performs firmware detection on the security chip and automatically downloads firmware at start-up before the security chip is formally used; the security chip has only boot firmware preset when it leaves the factory, and the service-related application firmware must be automatically downloaded or updated when the terminal starts up, including the following steps:
software in the terminal device presets a security chip firmware file and a corresponding firmware version number attribute;
after the terminal device starts up, it detects the firmware version number of the security chip and downloads the preset security chip firmware if the obtained firmware version number is null or differs from the preset version number.
9. The Android platform security chip control system of claim 1, wherein the service provided by the security chip, as an Android Framework system service, runs in a system background all the time, provides an encryption/decryption interface and a key management interface for security applications, and is connected to the HAL layer through a JNI.
CN202010674830.8A 2020-07-14 2020-07-14 Android platform security chip control system Pending CN111783078A (en)

Publications (1)

Publication Number Publication Date
CN111783078A true CN111783078A (en) 2020-10-16


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination