CN114090209B - Password acquisition method based on RISC-V architecture - Google Patents

Password acquisition method based on RISC-V architecture Download PDF

Info

Publication number
CN114090209B
CN114090209B CN202111394280.5A CN202111394280A CN114090209B CN 114090209 B CN114090209 B CN 114090209B CN 202111394280 A CN202111394280 A CN 202111394280A CN 114090209 B CN114090209 B CN 114090209B
Authority
CN
China
Prior art keywords
mode
password
risc
under
processing
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202111394280.5A
Other languages
Chinese (zh)
Other versions
CN114090209A (en
Inventor
杨国东
杨超
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Sichuan Cric Technology Co ltd
Original Assignee
Sichuan Cric Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Sichuan Cric Technology Co ltd filed Critical Sichuan Cric Technology Co ltd
Priority to CN202111394280.5A priority Critical patent/CN114090209B/en
Publication of CN114090209A publication Critical patent/CN114090209A/en
Application granted granted Critical
Publication of CN114090209B publication Critical patent/CN114090209B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/48Program initiating; Program switching, e.g. by interrupt
    • G06F9/4806Task transfer initiation or dispatching
    • G06F9/4843Task transfer initiation or dispatching by program, e.g. task dispatcher, supervisor, operating system
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/46Multiprogramming arrangements
    • G06F9/48Program initiating; Program switching, e.g. by interrupt
    • G06F9/4806Task transfer initiation or dispatching
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y02TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
    • Y02DCLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
    • Y02D10/00Energy efficient computing, e.g. low power processors, power management or thermal management

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Collating Specific Patterns (AREA)
  • Lock And Its Accessories (AREA)

Abstract

The invention discloses a password acquisition method based on RISC-V architecture, comprising the following steps: the RISC-V system is normally started, and the system enters a U mode to run; normally carrying out service processing under the U mode, and normally operating the service when the password processing is not involved; when the operation processing is needed to acquire the password and fingerprint information service, the system enters into the M mode to operate; the system acquires a password and a fingerprint under an M mode, and then performs operations related to password authentication; after the operation related to the password authentication is completed, exiting the M mode, and clearing the operation record information related to the password; the invention processes business logic in the U mode, and when the function of password related authentication is needed, the function is directly switched to the M mode to process data, the security level in the M mode is high, the application under the U mode is completely isolated, and the password security acquisition under the M mode is realized.

Description

Password acquisition method based on RISC-V architecture
Technical Field
The invention relates to the technical field of computer software and hardware information security, in particular to a password acquisition method based on a RISC-V architecture.
Background
The conventional RISC-V architecture system is in an M mode, but with the increase of the processing capacity of a RISC-V chip, the system uses a U mode, but when a scene of high security requirements related to passwords or fingerprints is involved, simple security management is carried out only through software, so that the security processing is certainly insufficient, and the passwords are easy to leak. The level of security must be increased for RISC-V systems with high security.
Disclosure of Invention
In order to solve the problems in the prior art, the invention aims to provide a password acquisition method based on a RISC-V architecture, which is used for processing business logic in a U mode, directly switching to an M mode for processing data when the password related authentication function is needed, and realizing the password safety acquisition in the M mode by completely isolating the application in the U mode with high safety level in the M mode.
In order to achieve the above purpose, the invention adopts the following technical scheme: a password acquisition method based on RISC-V architecture comprises the following steps:
step 1, normally starting a RISC-V system, and running the system under a U mode;
step 2, normally performing service processing under the U mode, and normally operating the service when the password processing is not involved;
step 3, when the operation processing is needed to acquire the password and fingerprint information service, the system enters into the M mode to operate;
step 4, the system acquires the password and the fingerprint under the M mode, and then performs the operation related to password authentication;
and 5, after the operation related to the password authentication is completed, exiting the M mode, and clearing the operation record information related to the password.
As a preferred embodiment, further comprising:
before the system is switched to operate in the M mode, locking and recording the operation under the U mode; and after exiting the M mode, the system unlocks the U mode and returns to the U mode to run the corresponding service.
The beneficial effects of the invention are as follows:
the invention can effectively solve the problem of safely acquiring the user password on the RISC-V chip system. Running a service program under a U mode of RISC-V, switching the system to an M mode when the safety information such as the password is needed to be used, and safely acquiring the password; the method can be used for carrying out security protection isolation on the passwords of the RISC-V system supporting the U mode and the M mode, can enable privacy operations such as the passwords to be carried out under an isolated environment, can not be attacked and interfered at all, and ensures the security of privacy information such as the passwords.
Drawings
Fig. 1 is a flow chart of a password acquisition method in an embodiment of the invention.
Detailed Description
Embodiments of the present invention will be described in detail below with reference to the accompanying drawings.
Examples
As shown in fig. 1, a method for obtaining a password based on a RISC-V architecture includes:
step 1, normally starting a RISC-V system, and enabling the system to operate under a U mode. When running in the U mode, only partial resources can be accessed, and all hardware resources cannot be accessed, wherein the hardware resources comprise a password input module and a fingerprint acquisition module;
step 2, normally performing service processing under the U mode, and normally operating the service when the password processing is not involved;
step 3, when the operation processing is required to acquire the services such as passwords, fingerprint information and the like, the system enters an M mode to operate;
step 4, before the system is switched to operate in the M mode, locking and recording the operation in the U mode;
step 5, the system acquires the password and the fingerprint under the M mode, and then performs some operations related to password authentication;
step 6, after the password-related operation is completed, exiting the M mode, and clearing password-related operation record information;
and 7, unlocking the U mode by the system and returning to the corresponding service of the system under the U mode.
The password acquisition method based on RISC-V architecture has been completed, including the operation switching of the system in U mode and M mode and the safe acquisition of the password in M mode. After the system is switched to the M mode, the operation information of the U mode which is operated normally before is locked, and the operation of the U mode cannot be performed, so that the operation of the system in the M mode can only be performed. And the corresponding password verification operation is carried out after the password or fingerprint is acquired under the M mode, and the program under the U mode cannot be operated in the process, so that malicious programs or attacks cannot be operated, and the security of the password and fingerprint information can be ensured.
The foregoing examples merely illustrate specific embodiments of the invention, which are described in greater detail and are not to be construed as limiting the scope of the invention. It should be noted that it will be apparent to those skilled in the art that several variations and modifications can be made without departing from the spirit of the invention, which are all within the scope of the invention.

Claims (2)

1. The password acquisition method based on RISC-V architecture is characterized by comprising the following steps:
step 1, normally starting a RISC-V system, and running the system under a U mode; the password input module and the fingerprint acquisition module cannot be accessed when the U-mode is operated below;
step 2, normally performing service processing under the U mode, and normally operating the service when the password processing is not involved;
step 3, when the operation processing is needed to acquire the password and fingerprint information service, the system enters into the M mode to operate;
step 4, the system acquires the password and the fingerprint under the M mode, and then performs the operation related to password authentication;
and 5, after the operation related to the password authentication is completed, exiting the M mode, and clearing the operation record information related to the password.
2. The RISC-V architecture based password acquisition method of claim 1, further comprising:
before the system is switched to operate in the M mode, locking and recording the operation under the U mode; and after exiting the M mode, the system unlocks the U mode and returns to the U mode to run the corresponding service.
CN202111394280.5A 2021-11-23 2021-11-23 Password acquisition method based on RISC-V architecture Active CN114090209B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111394280.5A CN114090209B (en) 2021-11-23 2021-11-23 Password acquisition method based on RISC-V architecture

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111394280.5A CN114090209B (en) 2021-11-23 2021-11-23 Password acquisition method based on RISC-V architecture

Publications (2)

Publication Number Publication Date
CN114090209A CN114090209A (en) 2022-02-25
CN114090209B true CN114090209B (en) 2024-04-12

Family

ID=80303247

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111394280.5A Active CN114090209B (en) 2021-11-23 2021-11-23 Password acquisition method based on RISC-V architecture

Country Status (1)

Country Link
CN (1) CN114090209B (en)

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103150159A (en) * 2012-01-27 2013-06-12 微软公司 Identifier generation using named objects
CN109947550A (en) * 2019-03-18 2019-06-28 晶晨半导体(上海)股份有限公司 A kind of uneven bottoms processing system and method suitable for RISC-V framework
CN112632562A (en) * 2020-12-28 2021-04-09 四川虹微技术有限公司 Equipment starting method, equipment management method and embedded equipment
CN112749397A (en) * 2019-10-29 2021-05-04 阿里巴巴集团控股有限公司 System and method
CN112748929A (en) * 2021-01-15 2021-05-04 苏州浪潮智能科技有限公司 RISC-V based trellis code processing system, method, device and storage medium
CN112765637A (en) * 2021-01-27 2021-05-07 北京数字认证股份有限公司 Data processing method, password service device and electronic equipment

Family Cites Families (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9886595B2 (en) * 2012-12-07 2018-02-06 Samsung Electronics Co., Ltd. Priority-based application execution method and apparatus of data processing device
US10552206B2 (en) * 2017-05-23 2020-02-04 Ge Aviation Systems Llc Contextual awareness associated with resources
CN113569245A (en) * 2020-04-28 2021-10-29 阿里巴巴集团控股有限公司 Processing device, embedded system, system on chip and security control method

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103150159A (en) * 2012-01-27 2013-06-12 微软公司 Identifier generation using named objects
CN109947550A (en) * 2019-03-18 2019-06-28 晶晨半导体(上海)股份有限公司 A kind of uneven bottoms processing system and method suitable for RISC-V framework
CN112749397A (en) * 2019-10-29 2021-05-04 阿里巴巴集团控股有限公司 System and method
CN112632562A (en) * 2020-12-28 2021-04-09 四川虹微技术有限公司 Equipment starting method, equipment management method and embedded equipment
CN112748929A (en) * 2021-01-15 2021-05-04 苏州浪潮智能科技有限公司 RISC-V based trellis code processing system, method, device and storage medium
CN112765637A (en) * 2021-01-27 2021-05-07 北京数字认证股份有限公司 Data processing method, password service device and electronic equipment

Non-Patent Citations (2)

* Cited by examiner, † Cited by third party
Title
"Cryptographic Accelerators for Trusted Execution Environment in RISC-V Processors";Trong-Thuc Hoang;《2020 IEEE International Symposium on Circuits and Systems(ISCAS)》;20200928;第1-4页 *
"基于RISC-V的中断***的研究与设计";徐可凡;《中国优秀硕士学位论文全文数据库 信息科技辑》;20210515(2021年第05期);第I135-192页 *

Also Published As

Publication number Publication date
CN114090209A (en) 2022-02-25

Similar Documents

Publication Publication Date Title
US10043053B2 (en) Systems and methods for authenticating a user of a biometric sensor
CN102349061B (en) Method and system for authenticating a user
CA3038884C (en) Protecting mobile devices from unauthorized device resets
CN102184352A (en) Automatic protecting method for computer system based on Bluetooth device authentication
US20150012748A1 (en) Method And System For Protecting Data
US20120246714A1 (en) Dynamic Password Strength Dependent On System State
CN101650693B (en) Security control method for mobile hard disk and security mobile hard disk
US20120030475A1 (en) Machine-machine authentication method and human-machine authentication method for cloud computing
EP3229400B1 (en) Password push method, push system, and terminal device
CN109255259B (en) High-security encryption and decryption computing capability expansion method and system
US20170201528A1 (en) Method for providing trusted service based on secure area and apparatus using the same
US8978150B1 (en) Data recovery service with automated identification and response to compromised user credentials
CN114218561A (en) Weak password detection method, terminal equipment and storage medium
CN114090209B (en) Password acquisition method based on RISC-V architecture
CN111698253A (en) Computer network safety system
CN110851881B (en) Security detection method and device for terminal equipment, electronic equipment and storage medium
CN115640589A (en) Security protection equipment, service execution method, device and storage medium
CN111291429B (en) Data protection method and system
CN110717175A (en) Security authentication method based on security computer
KR101955449B1 (en) Method and system for protecting personal information infingement using division of authentication process and biometrics authentication
KR101636802B1 (en) File management method and system for preventing security incident by portable memory
CN113420322B (en) Model training and desensitizing method and device, electronic equipment and storage medium
CN111400710A (en) Method for protecting computer system safety
CN103457730A (en) Device and method for safety information interaction and IC card for safety information interaction
CN118250026A (en) Safety control chip based on multidimensional access control strategy and working method thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant