CN114090209B - Password acquisition method based on RISC-V architecture - Google Patents
Password acquisition method based on RISC-V architecture Download PDFInfo
- Publication number
- CN114090209B CN114090209B CN202111394280.5A CN202111394280A CN114090209B CN 114090209 B CN114090209 B CN 114090209B CN 202111394280 A CN202111394280 A CN 202111394280A CN 114090209 B CN114090209 B CN 114090209B
- Authority
- CN
- China
- Prior art keywords
- mode
- password
- risc
- under
- processing
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 15
- 230000009286 beneficial effect Effects 0.000 description 1
- 238000002955 isolation Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/48—Program initiating; Program switching, e.g. by interrupt
- G06F9/4806—Task transfer initiation or dispatching
- G06F9/4843—Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F9/00—Arrangements for program control, e.g. control units
- G06F9/06—Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
- G06F9/46—Multiprogramming arrangements
- G06F9/48—Program initiating; Program switching, e.g. by interrupt
- G06F9/4806—Task transfer initiation or dispatching
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Computer Hardware Design (AREA)
- Computer Security & Cryptography (AREA)
- Collating Specific Patterns (AREA)
- Lock And Its Accessories (AREA)
Abstract
The invention discloses a password acquisition method based on RISC-V architecture, comprising the following steps: the RISC-V system is normally started, and the system enters a U mode to run; normally carrying out service processing under the U mode, and normally operating the service when the password processing is not involved; when the operation processing is needed to acquire the password and fingerprint information service, the system enters into the M mode to operate; the system acquires a password and a fingerprint under an M mode, and then performs operations related to password authentication; after the operation related to the password authentication is completed, exiting the M mode, and clearing the operation record information related to the password; the invention processes business logic in the U mode, and when the function of password related authentication is needed, the function is directly switched to the M mode to process data, the security level in the M mode is high, the application under the U mode is completely isolated, and the password security acquisition under the M mode is realized.
Description
Technical Field
The invention relates to the technical field of computer software and hardware information security, in particular to a password acquisition method based on a RISC-V architecture.
Background
The conventional RISC-V architecture system is in an M mode, but with the increase of the processing capacity of a RISC-V chip, the system uses a U mode, but when a scene of high security requirements related to passwords or fingerprints is involved, simple security management is carried out only through software, so that the security processing is certainly insufficient, and the passwords are easy to leak. The level of security must be increased for RISC-V systems with high security.
Disclosure of Invention
In order to solve the problems in the prior art, the invention aims to provide a password acquisition method based on a RISC-V architecture, which is used for processing business logic in a U mode, directly switching to an M mode for processing data when the password related authentication function is needed, and realizing the password safety acquisition in the M mode by completely isolating the application in the U mode with high safety level in the M mode.
In order to achieve the above purpose, the invention adopts the following technical scheme: a password acquisition method based on RISC-V architecture comprises the following steps:
step 1, normally starting a RISC-V system, and running the system under a U mode;
step 2, normally performing service processing under the U mode, and normally operating the service when the password processing is not involved;
step 3, when the operation processing is needed to acquire the password and fingerprint information service, the system enters into the M mode to operate;
step 4, the system acquires the password and the fingerprint under the M mode, and then performs the operation related to password authentication;
and 5, after the operation related to the password authentication is completed, exiting the M mode, and clearing the operation record information related to the password.
As a preferred embodiment, further comprising:
before the system is switched to operate in the M mode, locking and recording the operation under the U mode; and after exiting the M mode, the system unlocks the U mode and returns to the U mode to run the corresponding service.
The beneficial effects of the invention are as follows:
the invention can effectively solve the problem of safely acquiring the user password on the RISC-V chip system. Running a service program under a U mode of RISC-V, switching the system to an M mode when the safety information such as the password is needed to be used, and safely acquiring the password; the method can be used for carrying out security protection isolation on the passwords of the RISC-V system supporting the U mode and the M mode, can enable privacy operations such as the passwords to be carried out under an isolated environment, can not be attacked and interfered at all, and ensures the security of privacy information such as the passwords.
Drawings
Fig. 1 is a flow chart of a password acquisition method in an embodiment of the invention.
Detailed Description
Embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
Examples
As shown in fig. 1, a method for obtaining a password based on a RISC-V architecture includes:
step 1, normally starting a RISC-V system, and enabling the system to operate under a U mode. When running in the U mode, only partial resources can be accessed, and all hardware resources cannot be accessed, wherein the hardware resources comprise a password input module and a fingerprint acquisition module;
step 2, normally performing service processing under the U mode, and normally operating the service when the password processing is not involved;
step 3, when the operation processing is required to acquire the services such as passwords, fingerprint information and the like, the system enters an M mode to operate;
step 4, before the system is switched to operate in the M mode, locking and recording the operation in the U mode;
step 5, the system acquires the password and the fingerprint under the M mode, and then performs some operations related to password authentication;
step 6, after the password-related operation is completed, exiting the M mode, and clearing password-related operation record information;
and 7, unlocking the U mode by the system and returning to the corresponding service of the system under the U mode.
The password acquisition method based on RISC-V architecture has been completed, including the operation switching of the system in U mode and M mode and the safe acquisition of the password in M mode. After the system is switched to the M mode, the operation information of the U mode which is operated normally before is locked, and the operation of the U mode cannot be performed, so that the operation of the system in the M mode can only be performed. And the corresponding password verification operation is carried out after the password or fingerprint is acquired under the M mode, and the program under the U mode cannot be operated in the process, so that malicious programs or attacks cannot be operated, and the security of the password and fingerprint information can be ensured.
The foregoing examples merely illustrate specific embodiments of the invention, which are described in greater detail and are not to be construed as limiting the scope of the invention. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the invention, which are all within the scope of the invention.
Claims (2)
1. The password acquisition method based on RISC-V architecture is characterized by comprising the following steps:
step 1, normally starting a RISC-V system, and running the system under a U mode; the password input module and the fingerprint acquisition module cannot be accessed when the U-mode is operated below;
step 2, normally performing service processing under the U mode, and normally operating the service when the password processing is not involved;
step 3, when the operation processing is needed to acquire the password and fingerprint information service, the system enters into the M mode to operate;
step 4, the system acquires the password and the fingerprint under the M mode, and then performs the operation related to password authentication;
and 5, after the operation related to the password authentication is completed, exiting the M mode, and clearing the operation record information related to the password.
2. The RISC-V architecture based password acquisition method of claim 1, further comprising:
before the system is switched to operate in the M mode, locking and recording the operation under the U mode; and after exiting the M mode, the system unlocks the U mode and returns to the U mode to run the corresponding service.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111394280.5A CN114090209B (en) | 2021-11-23 | 2021-11-23 | Password acquisition method based on RISC-V architecture |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202111394280.5A CN114090209B (en) | 2021-11-23 | 2021-11-23 | Password acquisition method based on RISC-V architecture |
Publications (2)
Publication Number | Publication Date |
---|---|
CN114090209A CN114090209A (en) | 2022-02-25 |
CN114090209B true CN114090209B (en) | 2024-04-12 |
Family
ID=80303247
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202111394280.5A Active CN114090209B (en) | 2021-11-23 | 2021-11-23 | Password acquisition method based on RISC-V architecture |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN114090209B (en) |
Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103150159A (en) * | 2012-01-27 | 2013-06-12 | 微软公司 | Identifier generation using named objects |
CN109947550A (en) * | 2019-03-18 | 2019-06-28 | 晶晨半导体(上海)股份有限公司 | A kind of uneven bottoms processing system and method suitable for RISC-V framework |
CN112632562A (en) * | 2020-12-28 | 2021-04-09 | 四川虹微技术有限公司 | Equipment starting method, equipment management method and embedded equipment |
CN112749397A (en) * | 2019-10-29 | 2021-05-04 | 阿里巴巴集团控股有限公司 | System and method |
CN112748929A (en) * | 2021-01-15 | 2021-05-04 | 苏州浪潮智能科技有限公司 | RISC-V based trellis code processing system, method, device and storage medium |
CN112765637A (en) * | 2021-01-27 | 2021-05-07 | 北京数字认证股份有限公司 | Data processing method, password service device and electronic equipment |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US9886595B2 (en) * | 2012-12-07 | 2018-02-06 | Samsung Electronics Co., Ltd. | Priority-based application execution method and apparatus of data processing device |
US10552206B2 (en) * | 2017-05-23 | 2020-02-04 | Ge Aviation Systems Llc | Contextual awareness associated with resources |
CN113569245A (en) * | 2020-04-28 | 2021-10-29 | 阿里巴巴集团控股有限公司 | Processing device, embedded system, system on chip and security control method |
-
2021
- 2021-11-23 CN CN202111394280.5A patent/CN114090209B/en active Active
Patent Citations (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN103150159A (en) * | 2012-01-27 | 2013-06-12 | 微软公司 | Identifier generation using named objects |
CN109947550A (en) * | 2019-03-18 | 2019-06-28 | 晶晨半导体(上海)股份有限公司 | A kind of uneven bottoms processing system and method suitable for RISC-V framework |
CN112749397A (en) * | 2019-10-29 | 2021-05-04 | 阿里巴巴集团控股有限公司 | System and method |
CN112632562A (en) * | 2020-12-28 | 2021-04-09 | 四川虹微技术有限公司 | Equipment starting method, equipment management method and embedded equipment |
CN112748929A (en) * | 2021-01-15 | 2021-05-04 | 苏州浪潮智能科技有限公司 | RISC-V based trellis code processing system, method, device and storage medium |
CN112765637A (en) * | 2021-01-27 | 2021-05-07 | 北京数字认证股份有限公司 | Data processing method, password service device and electronic equipment |
Non-Patent Citations (2)
Title |
---|
"Cryptographic Accelerators for Trusted Execution Environment in RISC-V Processors";Trong-Thuc Hoang;《2020 IEEE International Symposium on Circuits and Systems(ISCAS)》;20200928;第1-4页 * |
"基于RISC-V的中断***的研究与设计";徐可凡;《中国优秀硕士学位论文全文数据库 信息科技辑》;20210515(2021年第05期);第I135-192页 * |
Also Published As
Publication number | Publication date |
---|---|
CN114090209A (en) | 2022-02-25 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10043053B2 (en) | Systems and methods for authenticating a user of a biometric sensor | |
CN102349061B (en) | Method and system for authenticating a user | |
CA3038884C (en) | Protecting mobile devices from unauthorized device resets | |
CN102184352A (en) | Automatic protecting method for computer system based on Bluetooth device authentication | |
US20150012748A1 (en) | Method And System For Protecting Data | |
US20120246714A1 (en) | Dynamic Password Strength Dependent On System State | |
CN101650693B (en) | Security control method for mobile hard disk and security mobile hard disk | |
US20120030475A1 (en) | Machine-machine authentication method and human-machine authentication method for cloud computing | |
EP3229400B1 (en) | Password push method, push system, and terminal device | |
CN109255259B (en) | High-security encryption and decryption computing capability expansion method and system | |
US20170201528A1 (en) | Method for providing trusted service based on secure area and apparatus using the same | |
US8978150B1 (en) | Data recovery service with automated identification and response to compromised user credentials | |
CN114218561A (en) | Weak password detection method, terminal equipment and storage medium | |
CN114090209B (en) | Password acquisition method based on RISC-V architecture | |
CN111698253A (en) | Computer network safety system | |
CN110851881B (en) | Security detection method and device for terminal equipment, electronic equipment and storage medium | |
CN115640589A (en) | Security protection equipment, service execution method, device and storage medium | |
CN111291429B (en) | Data protection method and system | |
CN110717175A (en) | Security authentication method based on security computer | |
KR101955449B1 (en) | Method and system for protecting personal information infingement using division of authentication process and biometrics authentication | |
KR101636802B1 (en) | File management method and system for preventing security incident by portable memory | |
CN113420322B (en) | Model training and desensitizing method and device, electronic equipment and storage medium | |
CN111400710A (en) | Method for protecting computer system safety | |
CN103457730A (en) | Device and method for safety information interaction and IC card for safety information interaction | |
CN118250026A (en) | Safety control chip based on multidimensional access control strategy and working method thereof |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |