CN2636326Y - Safety ciphering and storing device based on USB interface - Google Patents
Safety ciphering and storing device based on USB interface Download PDFInfo
- Publication number
- CN2636326Y CN2636326Y CN 03263579 CN03263579U CN2636326Y CN 2636326 Y CN2636326 Y CN 2636326Y CN 03263579 CN03263579 CN 03263579 CN 03263579 U CN03263579 U CN 03263579U CN 2636326 Y CN2636326 Y CN 2636326Y
- Authority
- CN
- China
- Prior art keywords
- usb
- smart card
- control chip
- interface
- circuit board
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Expired - Fee Related
Links
- 238000003860 storage Methods 0.000 claims abstract description 21
- 230000005055 memory storage Effects 0.000 claims description 12
- 238000004891 communication Methods 0.000 claims description 4
- 230000002093 peripheral effect Effects 0.000 claims description 2
- 230000005540 biological transmission Effects 0.000 description 9
- 230000007246 mechanism Effects 0.000 description 8
- 238000000034 method Methods 0.000 description 8
- 230000008569 process Effects 0.000 description 6
- 238000010586 diagram Methods 0.000 description 5
- 238000005516 engineering process Methods 0.000 description 5
- 238000007726 management method Methods 0.000 description 5
- 238000004519 manufacturing process Methods 0.000 description 3
- 238000004458 analytical method Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 2
- 230000008901 benefit Effects 0.000 description 1
- 230000015572 biosynthetic process Effects 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000008859 change Effects 0.000 description 1
- 238000013500 data storage Methods 0.000 description 1
- 238000000151 deposition Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 230000009545 invasion Effects 0.000 description 1
- 239000002245 particle Substances 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 239000004065 semiconductor Substances 0.000 description 1
- 238000005728 strengthening Methods 0.000 description 1
- 238000012360 testing method Methods 0.000 description 1
- 230000001131 transforming effect Effects 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
A safety encryption and storage device based on a USB interface is provided, in particular to an encryption device that can make online and local ID authentication, encrypt/decrypt and save the document and make document safety network transportation based on USB interface and intelligent card. The device comprises a shell; the shell accepts a circuit board internally. One end of the circuit board is provided with an interface standing out of the shell. The circuit board also comprises a USB control chip that controls the encryption/decryption and data read-write, an intelligent card module that makes ID authentication and encryption/decryption, and a large capacity storage module. The large capacity storage module and the intelligent module are connected with the USB control chip respectively, the USB control chip can be connected with the USB interface of the computer via the interface, encrypt the data that the computer requires to encrypt/decrypt, and save the result after the encryption/decryption.
Description
Technical field
The present invention relates to the safety encipher device,, be used for that smart card carries out the authentication of online and this identity and to file enciphering/deciphering and storage and to the file security Network Transmission especially based on the encryption device of USB (universal serial bus).
Background technology
Growing along with Computer Applied Technology; Developing rapidly of computing machine more and more become a kind of in people's productive life must obligato information media. network technology is well solved information sharing problem rapidly and efficiently, but how to control key message do not divulged a secret by inside? how to guarantee efficiently collaborative use the and without domestic trouble and foreign invasion of the important information resourse security of enterprises and institutions? how to guarantee to distribute all over the world branch and general headquarters safety is shared and the exchange important information? how to share important commercial matters information with the affiliate of oneself and don't worry is divulged a secret? how when guaranteeing enterprises and institutions' information security and don't must bear overweight cost because of safety? these problems have become a series of very important problem of the vast enterprises and institutions of relation Institutions Development.
Because smart card has adopted and can prevent various chemistry; optics; microprobe; test pattern; particle ray; the safety chip of hardware attack methods such as differential power analysis method; and built-in chip type RSA; 3DES; the secure cryptographic algorithm of high strength such as SHA-1; key produces at random by hardware; whole cryptographic calculation process is finished in safety chip; and all encryption keys are not exposed; thereby using the encryption of smart card implementation data and the cryptographic key protection that adopt current state-of-the-art semiconductor fabrication and information security technology is one of internationally recognized best scheme that ensures information security.The reliability of smart card and security make that smart card is more and more universal, and application cost has reached low-down degree.But because the restriction of manufacturing cost and manufacturing technology ability, almost can't realize in other words so that the requirement of the safety encipher that satisfies current Large Volume Data and mobile storage is very difficult by strengthening the limited storage capacity of smart card itself.
Summary of the invention
A purpose of the present utility model is to provide safety encipher and the memory storage based on USB (universal serial bus), relates in particular to based on USB (universal serial bus) and smart card to carry out online and this identity authentication and to file enciphering/deciphering and storage and to the encryption device of file security Network Transmission.Smart card and high capacity storage chip safety are integrated, utilize smart card that the key management mechanism of high-intensity authentication and strict safety is provided, can realize file encryption, PC clean boot, network or this machine secure log, remote secure access, mail security transmission, file network safe transmission and the control of server resource access and other Secure Application by the public key encryption system.Can satisfy well that mechanism of present vast enterprises and institutions effectively manages key data such as core trade secret, business contract, financial statement, design proposal, customer profile, software source code and file etc. and the important need of safeguard protection.
Another purpose of the present utility model is to provide based on USB (universal serial bus) and smart card carries out online and this identity authentication and to file enciphering/deciphering and storage and to the encryption and the memory storage of file security Network Transmission.It adopts the smart card with data encryption and extendible storage capacity; by USB (universal serial bus) and computing machine communication; utilize the cryptographic capabilities and the protection of access control mechanisms implementation data of smart card, by the plug-and-play feature of USB mouth, the requirement that ensures information security fast and effectively.
A purpose more of the present utility model is to provide based on USB (universal serial bus) and smart card carries out online and this identity authentication and to file enciphering/deciphering and storage and to the encryption and the memory storage of file security Network Transmission.Directly link with smart card and large-capacity storage media such as hard disk or non-volatile FLASH storer simultaneously by USB control chip, by the high capacity storage space of smart card security management from tens megabyte to several ten thousand megabyte, making needs safe mobile storage but originally because of being subjected to the smart cards for storage capacity limit can't be stored in the data of smart card, for example relevant many biological characteristic files and the secure file after digital certificate and the encryption with the smart card security application, also can obtain the mobile storage service of light safe and convenient, overcome the highest 64K of the having only bytes of memory of current smart card capacity limit, thereby have extremely application prospects.
For achieving the above object, the utility model is achieved through the following technical solutions:
Safety encipher and memory storage based on USB (universal serial bus) is characterized in that: comprise a housing, described enclosure interior is held a circuit board; One end of circuit board is provided with the outer interface of an outstanding housing, also is provided with the USB control chip of a control enciphering/deciphering and reading and writing data on the circuit board, and one implements the smart card module of authentication and enciphering/deciphering operation and the high capacity memory module of storage data; Wherein, high capacity memory module and smart card module link with the USB control chip respectively, and the USB control chip can link by interface and computing machine USB interface.
Described USB control chip and described high capacity memory module and described smart card module are integrated on the circuit board, or described smart card module separately with plug-in mode and integrated after circuit board join.
Described interface is a USB interface, also can be serial ports and IEEE 1394 computer peripheral equipment communication interfaces.
Described USB control chip is full speed or high speed USB control chip.
Described high capacity memory module is a hard disk.
Described high capacity memory module is non-volatile FLASH storer.
Described smart card module is built-in secure cryptographic algorithm and the CPU smart card that has microprocessor.
Described file encryption/decryption adopts PKI mechanism.
According to the analysis of technique scheme as can be known, the utlity model has following advantage:
1, the utility model is safely and reliably the secure data storage spatial spread of smart card (as hard disk or non-volatile FLASH storer) to external mass-memory unit, memory capacity chooses at random to several ten thousand megabyte from tens megabyte, both made full use of the high cryptographic capabilities and the data access control ability of smart card, and solved simultaneously the smart card security data space again and be subjected to manufacturer to dispatch from the factory restriction and the highest 64K of the having only byte in space and can not satisfy the problem of current demand.
2, the utility model adopts unique design greatly to simplify circuit, the structure dexterity, and dependable performance adopts the USB standard interface simultaneously, need not external power supply, plug and play is fit to the mobile storage requirement of secure data protection very much.
3, the secure data of depositing in the high capacity memory module adopts algorithm and the secret key encryption on the smart card, has high security.
4, implement unique shared encipherment scheme by PKI mechanism, utilize digital certificate to carry out the management of key, on the basis that guarantees security, simplified the handling cost of key management system, utilized the use of the security mechanism restriction of smart card simultaneously digital certificate.
5, each interface communication of the utility model all meets respective standard, and flexible configuration can be used separately, also can be used with other application, is convenient to popularize and promote.
Description of drawings
Fig. 1 is an example structure synoptic diagram of the present utility model;
Fig. 2 constitutes block diagram for an embodiment of the present utility model;
Fig. 3 is realization flow figure of the present utility model;
Fig. 4 is embodiment circuit theory diagrams of the present utility model.
Embodiment
As depicted in figs. 1 and 2, be an example structure synoptic diagram and the formation block diagram of the utility model encryption device, encryption device of the present utility model comprises a housing 5, described housing 5 inside hold a circuit board (not shown); One end of circuit board is provided with the interface 1 outside the outstanding housing 5, and full speed or high speed USB control chip 2, one non-volatile FLASH storage chips 3 and a smart card 4 arranged on the circuit board.Wherein, FLASH storage chip 3 and smart card 4 all link with USB control chip 2 and are integrated on the circuit board.Smart card adopts the secure cryptographic algorithm of high strength such as built-in RSA, 3DES, SHA-1 and the CPU smart card of band microprocessor.Power supply of the present utility model is taken from the main frame USB interface, and USB D+ has pull-up resistor so that main frame is to the identification of this device, this principle of work fully according to, meet the USB standard.
As shown in Figure 3, the application program of main frame is sent instruction to the device drives of this device, the device drives of this device will be passed to the USB control chip after will transforming the instruction of host application program, the USB control chip is made corresponding response by built-in control program, judge whether the work at present state is the data encrypting and deciphering state, if, then implement authentication and encryption and decryption operation by respective algorithms and key in the smart card of invokes application appointment, operating process this time writes the high capacity memory module to the result by the USB control chip after finishing again; If the work at present state need not the data encrypting and deciphering operation, then the USB control chip is directly delivered to the high capacity memory module to data.Whole process finishes back USB control chip will be returned to device drives to operating result or state, and return to application program by its result.
In the implementation data encrypted process, the hardware random number generator that all keys (comprising symmetric key and unsymmetrical key) all pass through in the smart card produces, the algorithm that encryption and decryption adopts provides by the COS (chip operating system) in the smart card, and can select to download other autonomous algorithms that need as required.A large amount of ciphered data are adopted symmetry algorithm, asymmetric arithmetic is adopted in transmission to the data encryption key, use is included in public key encryption in the digital certificate to the data encrypted secret key, decrypt the key of data encryption earlier by the private key that is kept at smart card, by this key data encrypted is deciphered again.In the process that whole data transmission is shared, the key of the data encryption behind data encrypted and the public key encryption is with new stored in file format.The process of key management has also been simplified in the maximum like this security that guarantees data encryption key, has saved the cost of security implementation.Adopt PKI mechanism, utilize the digital certificate transmission security key, both guaranteed the crypticity requirement of information, guaranteed information integrity and non-repudiation simultaneously, really guaranteed flowing of efficient information.Security mechanism protection to the use of the digital certificate that is stored in smart card and private key can utilize COS in the smart card (chip operating system) to provide effectively prevents the dictionary attack that may carry out after this device is lost.
The utility model can change the memory capacity of high capacity memory module as required.
It is some that the utility model has has successfully designed and produced sample at present, well verified the purpose of this utility model.
It should be noted last that, above embodiment is only unrestricted in order to explanation the utility model, although the utility model is had been described in detail with reference to preferred embodiment, those of ordinary skill in the art is to be understood that, can make amendment or be equal to replacement the utility model, and do not break away from this novel spirit and scope, all should be encompassed in the claim scope of the present utility model.
Claims (7)
1. based on the safety encipher and the memory storage of USB (universal serial bus), it is characterized in that: comprise a housing, described enclosure interior is held a circuit board; One end of circuit board is provided with the outer interface of an outstanding housing, also is provided with the USB control chip of a control enciphering/deciphering and reading and writing data on the circuit board, and one implements the smart card module of authentication and enciphering/deciphering operation and the high capacity memory module of storage data; Wherein, high capacity memory module and smart card module link with the USB control chip respectively, and the USB control chip can link by interface and computing machine USB interface.
2. safety encipher and memory storage based on USB (universal serial bus) according to claim 1, it is characterized in that: described USB control chip and described high capacity memory module and described smart card module are integrated on the circuit board, or described smart card module separately with plug-in mode by the IC-card seat and integrated after circuit board join.
3. safety encipher and memory storage based on USB (universal serial bus) according to claim 1 and 2, it is characterized in that: described interface is a USB interface, also can be serial ports and IEEE1394 computer peripheral equipment communication interface.
4. safety encipher and memory storage based on USB (universal serial bus) according to claim 1 and 2 is characterized in that: described USB control chip is full speed or high speed USB control chip.
5. safety encipher and memory storage based on USB (universal serial bus) according to claim 1 and 2 is characterized in that: described high capacity memory module is a hard disk.
6. safety encipher and memory storage based on USB (universal serial bus) according to claim 1 and 2 is characterized in that: described high capacity memory module is non-volatile FLASH storer.
7. safety encipher and memory storage based on USB (universal serial bus) according to claim 1 and 2 is characterized in that: described smart card module is built-in secure cryptographic algorithm and the CPU smart card that has microprocessor.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 03263579 CN2636326Y (en) | 2003-06-13 | 2003-06-13 | Safety ciphering and storing device based on USB interface |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN 03263579 CN2636326Y (en) | 2003-06-13 | 2003-06-13 | Safety ciphering and storing device based on USB interface |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN2636326Y true CN2636326Y (en) | 2004-08-25 |
Family
ID=34297090
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN 03263579 Expired - Fee Related CN2636326Y (en) | 2003-06-13 | 2003-06-13 | Safety ciphering and storing device based on USB interface |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN2636326Y (en) |
Cited By (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1329808C (en) * | 2004-10-09 | 2007-08-01 | 宇瞻科技股份有限公司 | Data coding and decoding device |
| CN100401280C (en) * | 2005-06-08 | 2008-07-09 | 北京飞天诚信科技有限公司 | Universal serial bus data transmission method and apparatus thereof |
| CN100454321C (en) * | 2006-04-29 | 2009-01-21 | 北京飞天诚信科技有限公司 | USB device with data memory and intelligent secret key and control method thereof |
| CN101018131B (en) * | 2007-02-16 | 2010-11-03 | 北京飞天诚信科技有限公司 | Information security device with the function selection device and its control method |
| CN101196855B (en) * | 2007-12-29 | 2011-01-12 | 深圳中泽明芯科技有限公司 | Mobile encrypted memory device and cipher text storage area data encrypting and deciphering processing method |
| CN102024115A (en) * | 2010-11-19 | 2011-04-20 | 紫光股份有限公司 | Computer with user security subsystem |
-
2003
- 2003-06-13 CN CN 03263579 patent/CN2636326Y/en not_active Expired - Fee Related
Cited By (7)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1329808C (en) * | 2004-10-09 | 2007-08-01 | 宇瞻科技股份有限公司 | Data coding and decoding device |
| CN100401280C (en) * | 2005-06-08 | 2008-07-09 | 北京飞天诚信科技有限公司 | Universal serial bus data transmission method and apparatus thereof |
| CN100454321C (en) * | 2006-04-29 | 2009-01-21 | 北京飞天诚信科技有限公司 | USB device with data memory and intelligent secret key and control method thereof |
| CN101018131B (en) * | 2007-02-16 | 2010-11-03 | 北京飞天诚信科技有限公司 | Information security device with the function selection device and its control method |
| CN101196855B (en) * | 2007-12-29 | 2011-01-12 | 深圳中泽明芯科技有限公司 | Mobile encrypted memory device and cipher text storage area data encrypting and deciphering processing method |
| CN102024115A (en) * | 2010-11-19 | 2011-04-20 | 紫光股份有限公司 | Computer with user security subsystem |
| CN102024115B (en) * | 2010-11-19 | 2013-04-17 | 紫光股份有限公司 | Computer with user security subsystem |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN1118982C (en) | A circuit and method for ensuring interconnect security within a multi-chip integrated circuit package | |
| CN1269071C (en) | Storage card | |
| CN101196855B (en) | Mobile encrypted memory device and cipher text storage area data encrypting and deciphering processing method | |
| CN100454321C (en) | USB device with data memory and intelligent secret key and control method thereof | |
| CN109104281A (en) | Tokenized hardware security module | |
| CN100437618C (en) | Portable information safety device | |
| JP4279856B2 (en) | Information transfer method and computer | |
| EP1890420A1 (en) | A separate encryption/decryption equipment for plentiful data and a implementing method thereof | |
| RU2573211C2 (en) | Execution method and universal electronic card and smart card system | |
| EP1580663A1 (en) | A method for realizing security data storage and algorithm storage by means of semiconductor memory device | |
| CN206611427U (en) | A kind of key storage management system based on trust computing device | |
| CN100550030C (en) | On portable terminal host, add the method for credible platform | |
| CN109977702A (en) | A kind of FPGA device encrypted authentication system and method based on DS2432 chip | |
| FR2979443A1 (en) | Method for storing data in memory interfacing with secure microcontroller, involves processing input data according to one of data processing methods to achieve data processed in different data formats | |
| CN102831081A (en) | Transparent encryption and decryption secure digital memory card (SD card) and implementation method thereof | |
| CN2636326Y (en) | Safety ciphering and storing device based on USB interface | |
| CN107566499A (en) | The methods, devices and systems of data syn-chronization | |
| CN103914642A (en) | USB (universal serial bus) KEY-based security suite structure system | |
| KR101043255B1 (en) | Usb hub device for providing datasecurity and method for providing datasecurity using the same | |
| CN1435761A (en) | Mobile data memory unit capable of implementing in-line and off-line encryption/decryption | |
| CN101950345A (en) | Hardware decryption-based high-reliability terminal equipment and working method thereof | |
| CN113158203B (en) | SOC chip, circuit and external data read-write method of SOC chip | |
| JPH04181282A (en) | Cryptographic system for file | |
| CN2650231Y (en) | Storage unit with optimized compression management mechanism | |
| CN116886356B (en) | Chip-level transparent file encryption storage system, method and equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| C41 | Transfer of patent application or patent right or utility model | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20090320 Address after: Room 1, unit 609, 602 floor, Guofeng Town, Wangjing new town, Beijing, Chaoyang District, Beijing: 100102 Patentee after: Peng Jun Address before: C3, 1 floor, BOE Science Park, No. 10 Jiuxianqiao Road, Beijing, Chaoyang District, 100016 Patentee before: JOYEE TECHNOLOGIES CO., LTD. |
|
| ASS | Succession or assignment of patent right |
Owner name: PENG JUN Free format text: FORMER OWNER: BEIJING TIMES ZHUO YI TECHNOLOGY DEVELOPMENT CO., LTD. Effective date: 20090320 |
|
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20040825 |