CN108242997B - Method and device for secure communication - Google Patents
Method and device for secure communication Download PDFInfo
- Publication number
- CN108242997B CN108242997B CN201611221027.9A CN201611221027A CN108242997B CN 108242997 B CN108242997 B CN 108242997B CN 201611221027 A CN201611221027 A CN 201611221027A CN 108242997 B CN108242997 B CN 108242997B
- Authority
- CN
- China
- Prior art keywords
- key
- public key
- digital signature
- algorithm
- random number
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/04—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
- H04L63/0428—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
- H04L63/0435—Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/08—Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
- H04L9/0861—Generation of secret information including derivation or calculation of cryptographic keys or passwords
- H04L9/0869—Generation of secret information including derivation or calculation of cryptographic keys or passwords involving random numbers or seeds
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
- H04L9/32—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
- H04L9/3247—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Storage Device Security (AREA)
Abstract
本发明涉及信息安全领域,公开了一种安全通信的方法与设备。本发明实施方式中,验证CA的公钥是否完整及CA的数字签名是否有效;如果CA的公钥完整且CA的数字签名有效,则CA与TA通过三次握手生成对称密钥,并根据对称密钥进行加密通信。本发明实施方式,通过对CA的公钥与数字签名进行验证,可有效识别出被篡改或仿冒的CA,CA与TA通过三次握手生成对称密钥,并根据对称密钥进行加密通信,确保了通信内容的机密性和完整性,有效防止了攻击者窃取敏感数据或者破坏通信系统。
The invention relates to the field of information security, and discloses a method and device for secure communication. In the embodiment of the present invention, verify whether the public key of the CA is complete and whether the digital signature of the CA is valid; if the public key of the CA is complete and the digital signature of the CA is valid, the CA and the TA generate a symmetric key through three-way handshake, and according to the symmetric key key for encrypted communication. In the embodiment of the present invention, by verifying the public key and digital signature of the CA, the tampered or counterfeited CA can be effectively identified. The CA and the TA generate a symmetric key through three-way handshake, and perform encrypted communication according to the symmetric key, ensuring that The confidentiality and integrity of the communication content effectively prevent attackers from stealing sensitive data or destroying the communication system.
Description
技术领域technical field
本发明涉及信息安全领域,特别涉及一种安全通信的方法与设备。The present invention relates to the field of information security, in particular to a method and device for secure communication.
背景技术Background technique
在引入TEE(Trusted Execution Environment,可信执行环境)的终端设备系统中,包括TEE和REE(Rich Execution Environment,富执行环境)两个子系统,TEE负责处理需要较高安全保护的事务,比如秘钥存储、加解密、指纹识别等,REE是普通的操作系统,比如Android安卓系统、iOS苹果系统等,运行在REE操作系统之上的CA(Client Application,客户应用)与TA(Trusted Application,可信应用)通过共享内存来进行通信,如图1所示,富执行环境11包括客户应用111与富执行环境操作系统112,可信执行环境13包括可信应用131与可信执行环境操作系统132,客户应用111与可信应用131通过共享内存12进行通信,现有的技术方案一般都会对TEE操作系统和TA进行完整性或机密性保护,还有一些方案还会对REE操作系统进行完整性保护。In the terminal equipment system that introduces TEE (Trusted Execution Environment), including TEE and REE (Rich Execution Environment, rich execution environment) two subsystems, TEE is responsible for processing transactions that require higher security protection, such as secret keys Storage, encryption and decryption, fingerprint recognition, etc., REE is a common operating system, such as Android Android system, iOS Apple system, etc., running on the REE operating system CA (Client Application, customer application) and TA (Trusted Application, trusted application) applications) communicate through shared memory, as shown in FIG. 1 , the rich execution environment 11 includes a client application 111 and a rich execution
然而,在实现本发明的过程中,本申请的发明人发现,对于CA,现有的方案要么没有保护,要么保护力度不够,比如,当CA采用Android的APK(AndroidPackage,安卓安装包)形式时,CA APK是可以被签名的,但是Android采用的是自签名方式,这种自签名方式使用的签名证书并不是权威认证机构颁发的,而是开发者自己生成的,由于自签名证书无法使用认证机构的根证书进行验证,所以必须增加额外的机制才能保护自签名证书中的公钥的完整性,但是Android并没有相关机制,因此在本质上无法保证CA的完整性,也就是说CA有可能被篡改或仿冒,而系统却发现不了。攻击者可以通过篡改或仿冒CA对TEE系统构成威胁,比如窃取敏感数据、扰乱TEE系统正常运行等。此外,现有方案对于CA和TA的共享内存通信没有进行机密性和完整性保护,TEE规范的制定者GlobalPlatform(全球平台国际标准组织)也没有发布相关规范,导致攻击者可以通过REE系统上的恶意软件窃取或者篡改通信内容,从而窃取敏感数据或扰乱TEE系统正常运行。However, in the process of implementing the present invention, the inventor of the present application found that, for CA, the existing solutions either have no protection, or the protection is not strong enough, for example, when CA adopts the form of Android APK (Android Package, Android installation package) , CA APK can be signed, but Android uses a self-signed method. The signed certificate used in this self-signed method is not issued by an authoritative certification authority, but generated by the developer himself. Since the self-signed certificate cannot be used for authentication The root certificate of the organization is verified, so an additional mechanism must be added to protect the integrity of the public key in the self-signed certificate, but Android does not have a relevant mechanism, so the integrity of the CA cannot be guaranteed in essence, that is to say, the CA may has been tampered with or counterfeited without the system being able to detect it. Attackers can pose a threat to the TEE system by tampering with or counterfeiting the CA, such as stealing sensitive data and disrupting the normal operation of the TEE system. In addition, the existing scheme does not protect the confidentiality and integrity of the shared memory communication between the CA and the TA, and the TEE specification maker GlobalPlatform (Global Platform International Standards Organization) has not released relevant specifications, so that attackers can pass the REE system on the system. Malware steals or modifies the content of communications, thereby stealing sensitive data or disrupting the normal operation of TEE systems.
发明内容SUMMARY OF THE INVENTION
本发明实施方式的目的在于提供一种安全通信的方法与设备,通过对CA的公钥的完整性及对CA的数字签名的有效性进行验证,可有效识别出被篡改或仿冒的CA,CA与TA通过三次握手生成对称密钥,并根据对称密钥进行加密通信,确保了通信内容的机密性和完整性,有效防止了攻击者窃取敏感数据或者破坏通信系统。The purpose of the embodiments of the present invention is to provide a method and device for secure communication. By verifying the integrity of the CA's public key and the validity of the CA's digital signature, it can effectively identify the tampered or counterfeited CA, CA The symmetric key is generated through three-way handshake with the TA, and encrypted communication is performed according to the symmetric key, which ensures the confidentiality and integrity of the communication content, and effectively prevents attackers from stealing sensitive data or destroying the communication system.
为解决上述技术问题,本发明的实施方式提供了一种安全通信的方法,包括:In order to solve the above technical problems, embodiments of the present invention provide a method for secure communication, including:
验证所述CA的公钥是否完整及所述CA的数字签名是否有效;Verify that the CA's public key is complete and the CA's digital signature is valid;
如果所述CA的公钥完整且所述CA的数字签名有效,则所述CA与所述TA通过三次握手生成对称密钥,并根据所述对称密钥进行加密通信。If the public key of the CA is complete and the digital signature of the CA is valid, the CA and the TA generate a symmetric key through a three-way handshake, and perform encrypted communication according to the symmetric key.
本发明的实施方式还提供了一种安全通信设备,包括:Embodiments of the present invention also provide a safety communication device, comprising:
验证模块,用于验证所述CA的公钥是否完整及所述CA的数字签名是否有效;A verification module for verifying whether the public key of the CA is complete and whether the digital signature of the CA is valid;
生成对称密钥模块,用于当验证所述CA的公钥完整且所述CA的数字签名有效后,通过三次握手生成所述CA与所述TA的对称密钥;generating a symmetric key module for generating a symmetric key between the CA and the TA through a three-way handshake after verifying that the CA's public key is complete and the CA's digital signature is valid;
通信模块,用于根据所述对称密钥进行所述CA与所述TA的加密通信。A communication module, configured to perform encrypted communication between the CA and the TA according to the symmetric key.
本发明实施方式相对于现有技术而言,通过对CA的公钥的完整性与数字签名的有效性进行验证,可有效识别出被篡改或仿冒的CA,CA与TA通过三次握手生成对称密钥,并根据对称密钥进行加密通信,确保了通信内容的机密性和完整性,有效防止了攻击者窃取敏感数据或者破坏通信系统。Compared with the prior art, the embodiment of the present invention can effectively identify the tampered or counterfeited CA by verifying the integrity of the public key of the CA and the validity of the digital signature, and the CA and the TA generate a symmetric key through three-way handshake. encrypted communication according to the symmetric key, which ensures the confidentiality and integrity of the communication content, and effectively prevents attackers from stealing sensitive data or destroying the communication system.
另外,所述验证所述CA的公钥是否完整与所述CA的数字签名是否有效,具体包括:可信执行环境操作系统检测所述CA的公钥的第一摘要是否与所述TA中存储的第二摘要相同,其中,所述第二摘要为根据预设摘要算法生成的所述公钥的第二摘要;如果所述第一摘要与所述第二摘要相同,则富执行环境操作系统根据所述公钥,验证所述CA的数字签名是否有效;如果所述CA的数字签名有效,则所述CA完整。通过检测第一摘要与第二摘要是否相同,可以有效识别出被篡改或仿冒的CA公钥,通过验证CA的数字签名的有效性,可以有效识别出被篡改或仿冒的CA,从而确保了CA的完整性。In addition, the verifying whether the public key of the CA is complete and whether the digital signature of the CA is valid specifically includes: the trusted execution environment operating system detects whether the first digest of the public key of the CA is stored in the TA. The second digest is the same as the second digest of the public key, wherein the second digest is the second digest of the public key generated according to a preset digest algorithm; if the first digest is the same as the second digest, the rich execution environment operating system According to the public key, verify whether the digital signature of the CA is valid; if the digital signature of the CA is valid, the CA is complete. By detecting whether the first digest is the same as the second digest, the tampered or counterfeited CA public key can be effectively identified, and by verifying the validity of the CA's digital signature, the tampered or counterfeited CA can be effectively identified, thus ensuring that the CA completeness.
另外,在所述可信执行环境操作系统检测所述CA的公钥的第一摘要是否与所述TA中存储的第二摘要相同之前,还包括:所述富执行环境操作系统根据所述预设摘要算法,计算所述第一摘要,并将所述第一摘要发送至所述可信执行环境操作系统。便于可信执行环境操作系统有效识别出通信过程中仿冒或篡改的CA的公钥。In addition, before the trusted execution environment operating system detects whether the first digest of the public key of the CA is the same as the second digest stored in the TA, the method further includes: the rich execution environment operating system according to the predetermined A digest algorithm is provided, the first digest is calculated, and the first digest is sent to the trusted execution environment operating system. It is convenient for the operating system of the trusted execution environment to effectively identify the public key of the CA that is counterfeited or tampered with in the communication process.
另外,所述CA与所述TA通过三次握手生成对称密钥,具体包括:所述CA发送生成的第一随机数及对称加密算法与消息认证码算法的算法清单;所述TA发送选择的所述算法清单中算法的标识、生成的RSA公私钥对的公钥及生成的第二随机数;所述CA发送根据所述RSA公钥加密的第三随机数;所述CA与所述TA分别根据所述第一随机数、所述第二随机数与所述第三随机数生成所述对称密钥。CA与TA通过三次握手生成对称密钥,确保了密钥的安全性,进而确保了通信内容的机密性和完整性,有效防止了攻击者窃取敏感数据或者破坏通信系统。In addition, the CA and the TA generate a symmetric key through a three-way handshake, which specifically includes: the CA sends the generated first random number and the algorithm list of the symmetric encryption algorithm and the message authentication code algorithm; the TA sends the selected The identifier of the algorithm in the algorithm list, the generated public key of the RSA public-private key pair, and the generated second random number; the CA sends the third random number encrypted according to the RSA public key; the CA and the TA are respectively The symmetric key is generated according to the first random number, the second random number and the third random number. CA and TA generate a symmetric key through three-way handshake, which ensures the security of the key, thereby ensuring the confidentiality and integrity of the communication content, and effectively preventing attackers from stealing sensitive data or damaging the communication system.
附图说明Description of drawings
图1是现有技术中可信执行环境与富执行环境的交互示意图;1 is a schematic diagram of the interaction between a trusted execution environment and a rich execution environment in the prior art;
图2是根据本发明第一实施方式的一种安全通信的方法流程图;2 is a flowchart of a method for secure communication according to the first embodiment of the present invention;
图3是根据本发明第二实施方式的一种安全通信的方法流程图;3 is a flowchart of a method for secure communication according to a second embodiment of the present invention;
图4是根据本发明第三实施方式的一种安全通信设备的结构示意图;4 is a schematic structural diagram of a safety communication device according to a third embodiment of the present invention;
图5是根据本发明第四实施方式的一种安全通信设备的结构示意图。FIG. 5 is a schematic structural diagram of a safety communication device according to a fourth embodiment of the present invention.
具体实施方式Detailed ways
为使本发明的目的、技术方案和优点更加清楚,下面将结合附图对本发明的各实施方式进行详细的阐述。然而,本领域的普通技术人员可以理解,在本发明各实施方式中,为了使读者更好地理解本申请而提出了许多技术细节。但是,即使没有这些技术细节和基于以下各实施方式的种种变化和修改,也可以实现本申请所要求保护的技术方案。In order to make the objectives, technical solutions and advantages of the present invention clearer, each embodiment of the present invention will be described in detail below with reference to the accompanying drawings. However, those of ordinary skill in the art will appreciate that, in the various embodiments of the present invention, many technical details are set forth in order for the reader to better understand the present application. However, even without these technical details and various changes and modifications based on the following embodiments, the technical solutions claimed in the present application can be realized.
本发明第一实施方式涉及一种安全通信的方法。具体流程如图2所示。A first embodiment of the present invention relates to a method for secure communication. The specific process is shown in Figure 2.
在步骤201中,验证客户应用的公钥是否完整及数字签名是否有效,如果客户应用的公钥完整且客户应用的数字签名有效,则执行步骤202,否则结束。In
具体地说,验证客户应用CA的公钥是否完整及CA的数字签名是否有效,如果CA的公钥完整且CA的数字签名有效,则说明CA未被功击者篡改或仿冒,继续执行步骤202,客户应用与可信应用通过三次握手生成对称密钥,否则,说明CA被功击者篡改或仿冒,立即结束通信,从而效识别出被篡改或仿冒的CA。Specifically, verify whether the public key of the client application CA is complete and whether the digital signature of the CA is valid. If the public key of the CA is complete and the digital signature of the CA is valid, it means that the CA has not been tampered or counterfeited by the attacker, and proceed to
在步骤202中,客户应用与可信应用通过三次握手生成对称密钥。In
具体地说,当CA未被功击者篡改或仿冒时,客户应用CA与可信应用TA通过三次握手过程生成对称密钥,确保了密钥的安全性,进而确保了通信内容的机密性和完整性,有效防止了攻击者窃取敏感数据或者破坏通信系统。Specifically, when the CA is not tampered with or counterfeited by the attacker, the client application CA and the trusted application TA generate a symmetric key through a three-way handshake process, which ensures the security of the key, and thus ensures the confidentiality and integrity of the communication content. Integrity, effectively preventing attackers from stealing sensitive data or destroying communication systems.
在步骤203中,根据对称密钥进行加密通信。In step 203, encrypted communication is performed according to the symmetric key.
具体地说,发送方给接收方发信时,先根据对称密钥对待发送内容进行加密,再通过共享内存发送给接收方,接收方在给发送方回信时,同样先根据对称密钥对待发送内容进行加密,再通过共享内存发送给发送方,从而有效防止了攻击者窃取敏感数据。Specifically, when the sender sends a letter to the receiver, it first encrypts the content to be sent according to the symmetric key, and then sends it to the receiver through the shared memory. When the receiver replies to the sender, it also encrypts the content to be sent according to the symmetric key. Encrypted, and then sent to the sender through shared memory, thus effectively preventing attackers from stealing sensitive data.
与现有技术相比,在本实施方式中,通过对CA的公钥的完整性与数字签名的有效性进行验证,可有效识别出被篡改或仿冒的CA,CA与TA通过三次握手生成对称密钥,并根据对称密钥进行加密通信,确保了通信内容的机密性和完整性,有效防止了攻击者窃取敏感数据或者破坏通信系统。Compared with the prior art, in this embodiment, by verifying the integrity of the public key of the CA and the validity of the digital signature, the CA that has been tampered with or counterfeited can be effectively identified, and the CA and the TA generate a symmetry through a three-way handshake. The key is encrypted and the communication is encrypted according to the symmetric key, which ensures the confidentiality and integrity of the communication content, and effectively prevents attackers from stealing sensitive data or destroying the communication system.
本发明第二实施方式涉及一种安全通信的方法。第二实施方式在第一实施方式的基础上进行了进一步改进,主要改进之处在于:在本发明第二实施方式中,不仅具体给出了验证所述CA的公钥与数字签名的过程,还给出CA与TA通过三次握手生成对称密钥的具体过程,如图3所示。A second embodiment of the present invention relates to a method for secure communication. The second embodiment is further improved on the basis of the first embodiment. The main improvement lies in that: in the second embodiment of the present invention, not only the process of verifying the public key and digital signature of the CA is given, but also The specific process of CA and TA generating a symmetric key through three-way handshake is also given, as shown in Figure 3.
在步骤301中,保存客户应用的公钥及根据客户应用的私钥生成的数字签名。In
具体地说,CA保存公钥及根据CA的私钥生成的数字签名,其中,公钥与私钥为根据预设数字签名算法生成的公私钥对,也就是说,将根据预设数字签名算法生成的CA非对称公私钥对的公钥,及CA根据该非对称公私钥对的私钥生成的数字签名,保存在CA的软件包中,其中,预设数字签名算法可以为RSA加密算法、DSA(Digital Signature Algorithm,数字签名算法)或ECDSA(elliptic curve digital signature algorithm,椭圆曲线数字签名算法)。Specifically, the CA stores the public key and the digital signature generated according to the CA's private key, wherein the public key and the private key are a public-private key pair generated according to a preset digital signature algorithm, that is to say, the digital signature will be generated according to the preset digital signature algorithm. The generated public key of the CA asymmetric public-private key pair, and the digital signature generated by the CA based on the private key of the asymmetric public-private key pair, are stored in the CA's software package, wherein the preset digital signature algorithm may be an RSA encryption algorithm, DSA (Digital Signature Algorithm, digital signature algorithm) or ECDSA (elliptic curve digital signature algorithm, elliptic curve digital signature algorithm).
在步骤302中,计算客户应用的公钥的第一摘要。In
具体地说,富执行环境操作系统根据预设摘要算法,计算客户应用的公钥的第一摘要,也就是说,富执行环境操作系统REE OS根据预设摘要算法,计算CA软件包中CA公钥的摘要,记作第一摘要,其中,预设摘要算法可以为MD5(Message Digest Algorithm 5,消息摘要算法5)、SHA1(Secure Hash Algorithm,安全哈希算法1)、SHA224(Secure HashAlgorithm 224,安全哈希算法224)、SHA256(Secure Hash Algorithm 256,安全哈希算法256)、SHA384(Secure Hash Algorithm 384,安全哈希算法384)或SHA512(Secure HashAlgorithm 512,安全哈希算法512)。Specifically, the rich execution environment operating system calculates the first digest of the public key of the client application according to the preset digest algorithm, that is to say, the rich execution environment operating system REE OS calculates the CA public key in the CA software package according to the preset digest algorithm The digest of the key is recorded as the first digest, wherein the preset digest algorithm can be MD5 (Message Digest Algorithm 5, Message Digest Algorithm 5), SHA1 (Secure Hash Algorithm, Secure Hash Algorithm 1), SHA224 (Secure HashAlgorithm 224, Secure Hash Algorithm 224), SHA256 (Secure Hash Algorithm 256, Secure Hash Algorithm 256), SHA384 (Secure Hash Algorithm 384, Secure Hash Algorithm 384) or SHA512 (Secure HashAlgorithm 512, Secure Hash Algorithm 512).
在步骤303中,将第一摘要发送至可信执行环境操作系统。In
具体地说,REE OS将计算得到的第一摘要发送给可信执行环境操作系统TEE OS。Specifically, the REE OS sends the calculated first digest to the trusted execution environment operating system TEE OS.
在步骤304中,检测第一摘要是否与可信应用中存储的第二摘要相同,如果相同,则执行步骤305,否则结束。In
具体地说,可信执行环境操作系统检测CA的公钥的第一摘要是否与TA中存储的第二摘要相同,其中,第二摘要为根据预设摘要算法生成的公钥的第二摘要,也就是说,TEEOS收到REE OS发送的第一摘要后,先读取事先保存在TA软件包中的CA公钥的摘要,也即第二摘要,然后检测第一摘要是否与第二摘要相同,如果第一摘要与第二摘要相同,则说明CA的公钥完整,表明CA未被功击者篡改或仿冒,接着执行步骤305,否则,说明CA的公钥被功击者篡改或仿冒,直接结束通信。Specifically, the trusted execution environment operating system detects whether the first digest of the CA's public key is the same as the second digest stored in the TA, where the second digest is the second digest of the public key generated according to a preset digest algorithm, That is to say, after TEEOS receives the first digest sent by REE OS, it first reads the digest of the CA public key saved in the TA software package, that is, the second digest, and then checks whether the first digest is the same as the second digest. , if the first digest is the same as the second digest, it means that the CA's public key is complete, indicating that the CA has not been tampered with or counterfeited by the attacker, then step 305 is executed, otherwise, it means that the public key of the CA has been tampered with or counterfeited by the attacker, End the communication directly.
在步骤305中,验证客户应用的数字签名是否有效,如果有效,则执行步骤306,否则结束。In
具体地说,当第一摘要与第二摘要相同时,富执行环境操作系统根据上述CA公钥,进一步验证CA的数字签名是否有效,也就是说,REE OS用CA公钥对CA软件包进行数字签名的有效性验证,其中,数字签名验证过程与现有技术中的数据签名验证过程一样,在此不再赘述,而数字签名验证算法与数字签名算法一致,可以是RSA、DSA或ECDSA,如果数字签名有效,即数字签名验证通过,表明CA未被功击者篡改或仿冒,则加载运行CA,执行步骤306,否则,不加载运行CA,直接结束通信,从而有效识别出被篡改的CA,确保了CA的完整性。Specifically, when the first digest is the same as the second digest, the rich execution environment operating system further verifies whether the digital signature of the CA is valid according to the CA public key. The validity verification of the digital signature, wherein the digital signature verification process is the same as the data signature verification process in the prior art, and will not be repeated here, and the digital signature verification algorithm is consistent with the digital signature algorithm, which can be RSA, DSA or ECDSA, If the digital signature is valid, that is, the verification of the digital signature is passed, indicating that the CA has not been tampered with or counterfeited by the attacker, load and run the CA, and execute
在步骤306中,客户应用发送生成的第一随机数及算法清单。In
具体地说,客户应用发送生成的第一随机数及CA支持的对称加密算法与消息认证码算法的算法清单,其中,对称加密算法可以是DES(Data Encryption Standard,数据加密标准)、3DES(Triple Data Encryption Algorithm,三重数据加密算法)或AES(AdvancedEncryption Standard,高级加密标准)等,消息认证码算法可以是HMAC(Hash-basedMessage Authentication Code,基于哈希的消息认证码)、CBC-MAC(Cipher BlockChaining Message Authentication Code,密码块链接消息认证码)或CMAC(Cipher-basedMessage Authentication Code,基于密码的消息认证码)[。Specifically, the client application sends the generated first random number and the algorithm list of the symmetric encryption algorithm and message authentication code algorithm supported by the CA, wherein the symmetric encryption algorithm can be DES (Data Encryption Standard, data encryption standard), 3DES (Triple Data Encryption Algorithm, triple data encryption algorithm) or AES (Advanced Encryption Standard, Advanced Encryption Standard), etc. The message authentication code algorithm can be HMAC (Hash-based Message Authentication Code, hash-based message authentication code), CBC-MAC (Cipher BlockChaining Message Authentication Code, cipher block chaining message authentication code) or CMAC (Cipher-based Message Authentication Code, password-based message authentication code) [ .
在步骤307中,可信应用发送算法标识、公钥及生成的第二随机数。In
具体地说,TA发送选择的算法清单中算法的标识、生成的RSA公私钥对的公钥及生成的第二随机数,也就是说,TA选择双方使用的对称加密算法和消息认证码算法,生成RSA公私钥对和第二随机数,然后将算法标识、RSA公钥对和第二随机数输出给CA。Specifically, the TA sends the identifier of the algorithm in the selected algorithm list, the generated public key of the RSA public-private key pair, and the generated second random number, that is, the TA selects the symmetric encryption algorithm and the message authentication code algorithm used by both parties, Generate the RSA public-private key pair and the second random number, and then output the algorithm identifier, the RSA public key pair and the second random number to the CA.
在步骤308中,客户应用发送加密的第三随机数。In
具体地说,CA发送根据RSA公钥加密的第三随机数,也即CA再生成一个第三随机数,并使用TA的RSA公钥加密第三随机数,再将加密后的第三随机数输出给TA。Specifically, the CA sends the third random number encrypted according to the RSA public key, that is, the CA regenerates a third random number, and uses the TA's RSA public key to encrypt the third random number, and then encrypts the encrypted third random number. output to TA.
在步骤309中,客户应用与可信应用生成对称密钥。In
具体地说,CA与TA分别根据第一随机数、第二随机数与第三随机数生成对称密钥,其中,TA用自己的RSA私钥解密出第三随机数,这样CA和TA都拥有了3个随机数,即第一随机数、第二随机数与第三随机数,CA和TA使用相同的规则生成密钥,比如异或规则、摘要规则等。Specifically, CA and TA generate symmetric keys according to the first random number, the second random number, and the third random number, respectively, where TA decrypts the third random number with its own RSA private key, so that both CA and TA have There are three random numbers, namely the first random number, the second random number and the third random number, CA and TA use the same rules to generate keys, such as XOR rules, digest rules and so on.
在步骤310中,根据对称密钥进行加密通信。In
具体地说,TA与CA基于相同的对称密钥和算法进行加密通信,输出方先对消息进行加密,然后对密文计算消息认证码,再将消息认证码和密文消息通过共享内存输出,接收方先对接收到的密文消息计算消息认证码,然后与接收的消息认证码进行比较验证,若两者不相同则表明消息完整性被破坏,若两者相同则对密文消息进行解密,确保了通信内容的机密性和完整性,有效防止了攻击者窃取敏感数据或者破坏通信系统。Specifically, TA and CA conduct encrypted communication based on the same symmetric key and algorithm. The output party first encrypts the message, then calculates the message authentication code for the ciphertext, and then outputs the message authentication code and ciphertext message through the shared memory. The receiver first calculates the message authentication code for the received ciphertext message, and then compares and verifies it with the received message authentication code. If the two are different, it indicates that the message integrity is destroyed. , which ensures the confidentiality and integrity of the communication content and effectively prevents attackers from stealing sensitive data or destroying the communication system.
本发明实施方式,不仅具体给出了验证CA的公钥与数字签名的过程,还给出CA与TA通过三次握手生成对称密钥的具体过程,便于技术人员在实际应用中的算法实现。The embodiments of the present invention not only provide a specific process for verifying the CA's public key and digital signature, but also provide a specific process for CA and TA to generate a symmetric key through three-way handshake, which is convenient for technical personnel to implement the algorithm in practical applications.
上面各种方法的步骤划分,只是为了描述清楚,实现时可以合并为一个步骤或者对某些步骤进行拆分,分解为多个步骤,只要包含相同的逻辑关系,都在本专利的保护范围内;对算法中或者流程中添加无关紧要的修改或者引入无关紧要的设计,但不改变其算法和流程的核心设计都在该专利的保护范围内。The step division of the above various methods is only for the purpose of describing clearly. During implementation, it can be combined into one step or some steps can be split and decomposed into multiple steps, as long as they contain the same logical relationship, they are all within the protection scope of this patent. ;Adding insignificant modifications to the algorithm or process or introducing insignificant designs, but not changing the core design of the algorithm and process are all within the scope of protection of this patent.
本发明第三实施方式涉及一种安全通信设备,如图4所示,包括:验证模块41、生成对称密钥模块42与通信模块43。The third embodiment of the present invention relates to a secure communication device, as shown in FIG. 4 , including: a verification module 41 , a symmetric key generation module 42 and a communication module 43 .
验证模块41,用于验证CA的公钥是否完整及CA的数字签名是否有效。The verification module 41 is used to verify whether the public key of the CA is complete and whether the digital signature of the CA is valid.
生成对称密钥模块42,用于当验证CA的公钥完整且CA的数字签名有效后,通过三次握手生成CA与TA的对称密钥。The generating symmetric key module 42 is configured to generate a symmetric key between the CA and the TA through a three-way handshake after verifying that the public key of the CA is complete and the digital signature of the CA is valid.
通信模块43,用于根据对称密钥进行CA与TA的加密通信。The communication module 43 is configured to perform encrypted communication between the CA and the TA according to the symmetric key.
不难发现,本实施方式为与第一实施方式相对应的系统实施例,本实施方式可与第一实施方式互相配合实施。第一实施方式中提到的相关技术细节在本实施方式中依然有效,为了减少重复,这里不再赘述。相应地,本实施方式中提到的相关技术细节也可应用在第一实施方式中。It is not difficult to find that this embodiment is a system example corresponding to the first embodiment, and this embodiment can be implemented in cooperation with the first embodiment. The relevant technical details mentioned in the first embodiment are still valid in this embodiment, and are not repeated here in order to reduce repetition. Correspondingly, the related technical details mentioned in this embodiment can also be applied to the first embodiment.
值得一提的是,本实施方式中所涉及到的各模块均为逻辑模块,在实际应用中,一个逻辑单元可以是一个物理单元,也可以是一个物理单元的一部分,还可以以多个物理单元的组合实现。此外,为了突出本发明的创新部分,本实施方式中并没有将与解决本发明所提出的技术问题关系不太密切的单元引入,但这并不表明本实施方式中不存在其它的单元。It is worth mentioning that each module involved in this embodiment is a logical module. In practical applications, a logical unit may be a physical unit, a part of a physical unit, or multiple physical units. A composite implementation of the unit. In addition, in order to highlight the innovative part of the present invention, this embodiment does not introduce units that are not closely related to solving the technical problem proposed by the present invention, but this does not mean that there are no other units in this embodiment.
本发明第四实施方式涉及一种安全通信设备。第四实施方式在第三实施方式的基础上进行了进一步改进,主要改进之处在于:在本发明第四实施方式中,不仅包括验证模块41、生成对称密钥模块42与通信模块43,还包括:CA保存模块44、第一摘要计算模块45、第一摘要发送模块46,其中,检测模块41具体包括:摘要检测子模块411、数字签名检测子模块412与确定子模块413,生成对称密钥模块42具体包括:第一CA发送子模块421、TA发送子模块422、第二CA发送子模块423、CA密钥生成子模块424、TA密钥生成子模块425,如图5所示。A fourth embodiment of the present invention relates to a safety communication device. The fourth embodiment is further improved on the basis of the third embodiment. The main improvement lies in that: in the fourth embodiment of the present invention, not only the verification module 41, the symmetric key generation module 42 and the communication module 43 are included, but also the It includes: a CA storage module 44, a first digest calculation module 45, and a first digest sending module 46, wherein the detection module 41 specifically includes: a digest
CA保存模块44,用于CA保存公钥及根据CA的私钥生成的数字签名,其中,公钥与私钥为根据预设数字签名算法生成的公私钥对。The CA storage module 44 is used for the CA to store the public key and the digital signature generated according to the private key of the CA, wherein the public key and the private key are a public-private key pair generated according to a preset digital signature algorithm.
第一摘要计算模块45,用于富执行环境操作系统根据预设摘要算法,计算所述第一摘要。The first digest calculation module 45 is used for the rich execution environment operating system to calculate the first digest according to a preset digest algorithm.
第一摘要发送模块46,用于将第一摘要发送至可信执行环境操作系统。The first digest sending module 46 is configured to send the first digest to the trusted execution environment operating system.
验证模块41,用于验证CA的公钥是否完整及CA的数字签名是否有效。The verification module 41 is used to verify whether the public key of the CA is complete and whether the digital signature of the CA is valid.
摘要检测子模块411,用于可信执行环境操作系统检测CA的公钥的第一摘要是否与TA中存储的第二摘要相同。The digest
数字签名验证子模块412,用于当第一摘要与第二摘要相同时,富执行环境操作系统根据公钥,验证CA的数字签名是否有效。The digital
确定子模块413,用于当CA的数字签名验证有效时,确定CA完整。The determining sub-module 413 is used for determining that the CA is complete when the digital signature verification of the CA is valid.
生成对称密钥模块42,用于当验证CA的公钥完整且CA的数字签名有效后,通过三次握手生成CA与TA的对称密钥。The generating symmetric key module 42 is configured to generate a symmetric key between the CA and the TA through a three-way handshake after verifying that the public key of the CA is complete and the digital signature of the CA is valid.
第一CA发送子模块421,用于CA发送生成的第一随机数及对称加密算法与消息认证码算法的算法清单。The first CA sending sub-module 421 is used for the CA to send the generated first random number and the algorithm list of the symmetric encryption algorithm and the message authentication code algorithm.
TA发送子模块422,用于TA发送选择的算法清单中算法的标识、生成的RSA公私钥对的公钥及生成的第二随机数。The TA sending sub-module 422 is used for the TA to send the identifier of the algorithm in the selected algorithm list, the generated public key of the RSA public-private key pair, and the generated second random number.
第二CA发送子模块423,用于CA发送根据RSA公钥加密的第三随机数。The second CA sending sub-module 423 is used for the CA to send the third random number encrypted according to the RSA public key.
具体地说,在实际应用中,可以将第一CA发送子模块421与第二CA发送子模块423合并在一起,也可以分开。Specifically, in practical applications, the first CA sending sub-module 421 and the second CA sending sub-module 423 may be combined together, or may be separated.
CA密钥生成子模块424,用于根据第一随机数、第二随机数与第三随机数生成对称密钥的CA密钥。The CA key generation sub-module 424 is configured to generate the CA key of the symmetric key according to the first random number, the second random number and the third random number.
TA密钥生成子模块425,用于根据第一随机数、第二随机数与第三随机数生成对称密钥的TA密钥。The TA key generation sub-module 425 is configured to generate the TA key of the symmetric key according to the first random number, the second random number and the third random number.
通信模块43,用于根据对称密钥进行CA与TA的加密通信。The communication module 43 is configured to perform encrypted communication between the CA and the TA according to the symmetric key.
由于第二实施方式与本实施方式相互对应,因此本实施方式可与第二实施方式互相配合实施。第二实施方式中提到的相关技术细节在本实施方式中依然有效,在第二实施方式中所能达到的技术效果在本实施方式中也同样可以实现,为了减少重复,这里不再赘述。相应地,本实施方式中提到的相关技术细节也可应用在第二实施方式中。Since the second embodiment corresponds to the present embodiment, the present embodiment can be implemented in cooperation with the second embodiment. The relevant technical details mentioned in the second embodiment are still valid in this embodiment, and the technical effects that can be achieved in the second embodiment can also be achieved in this embodiment, and in order to reduce repetition, they will not be repeated here. Correspondingly, the related technical details mentioned in this embodiment can also be applied to the second embodiment.
本领域技术人员可以理解实现上述实施例方法中的全部或部分步骤是可以通过程序来指令相关的硬件来完成,该程序存储在一个存储介质中,包括若干指令用以使得一个设备(可以是单片机,芯片等)或处理器(processor)执行本申请各个实施例所述方法的全部或部分步骤。而前述的存储介质包括:闪存(Flash Memory),U盘、移动硬盘、只读存储器(ROM,Read-Only Memory)、随机存取存储器(RAM,Random Access Memory)、磁碟或者光盘等各种可以存储程序代码的介质。Those skilled in the art can understand that all or part of the steps in the method of the above embodiments can be completed by instructing the relevant hardware through a program. The program is stored in a storage medium and includes several instructions to make a device (which may be a single-chip microcomputer) , chip, etc.) or a processor (processor) to execute all or part of the steps of the methods described in the various embodiments of the present application. The aforementioned storage medium includes: flash memory (Flash Memory), U disk, mobile hard disk, read-only memory (ROM, Read-Only Memory), random access memory (RAM, Random Access Memory), magnetic disk or optical disk and other various A medium on which program code can be stored.
本领域的普通技术人员可以理解,上述各实施方式是实现本发明的具体实施例,而在实际应用中,可以在形式上和细节上对其作各种改变,而不偏离本发明的精神和范围。Those of ordinary skill in the art can understand that the above-mentioned embodiments are specific examples for realizing the present invention, and in practical applications, various changes in form and details can be made without departing from the spirit and the spirit of the present invention. scope.
Claims (4)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611221027.9A CN108242997B (en) | 2016-12-26 | 2016-12-26 | Method and device for secure communication |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201611221027.9A CN108242997B (en) | 2016-12-26 | 2016-12-26 | Method and device for secure communication |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN108242997A CN108242997A (en) | 2018-07-03 |
| CN108242997B true CN108242997B (en) | 2020-12-22 |
Family
ID=62702276
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201611221027.9A Active CN108242997B (en) | 2016-12-26 | 2016-12-26 | Method and device for secure communication |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN108242997B (en) |
Families Citing this family (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109508562B (en) * | 2018-11-30 | 2022-03-25 | 四川长虹电器股份有限公司 | TEE-based trusted remote verification method |
| CN112351037B (en) * | 2020-11-06 | 2022-12-30 | 支付宝(杭州)信息技术有限公司 | Information processing method and device for secure communication |
| CN117172311B (en) * | 2023-09-27 | 2026-02-03 | 亿咖通(湖北)技术有限公司 | Federal learning method, system, equipment and storage medium |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104010044A (en) * | 2014-06-12 | 2014-08-27 | 北京握奇数据系统有限公司 | Application limitation installing method, manager and terminal based on trusted execution environment technology |
| CN104125226A (en) * | 2014-07-28 | 2014-10-29 | 北京握奇智能科技有限公司 | Locking and unlocking application method, device and system |
| CN105260663A (en) * | 2015-09-15 | 2016-01-20 | 中国科学院信息工程研究所 | Secure storage service system and method based on TrustZone technology |
| CN105653412A (en) * | 2015-12-31 | 2016-06-08 | 深圳市金立通信设备有限公司 | Fingerprint device compatibility detection method and terminal |
| CN106156618A (en) * | 2015-04-17 | 2016-11-23 | 国民技术股份有限公司 | A kind of safety chip, mobile terminal and the method realizing mobile terminal system safety |
Family Cites Families (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| KR102327782B1 (en) * | 2015-05-29 | 2021-11-18 | 한국과학기술원 | Electronic device and method for approaching to kernel data |
-
2016
- 2016-12-26 CN CN201611221027.9A patent/CN108242997B/en active Active
Patent Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104010044A (en) * | 2014-06-12 | 2014-08-27 | 北京握奇数据系统有限公司 | Application limitation installing method, manager and terminal based on trusted execution environment technology |
| CN104125226A (en) * | 2014-07-28 | 2014-10-29 | 北京握奇智能科技有限公司 | Locking and unlocking application method, device and system |
| CN106156618A (en) * | 2015-04-17 | 2016-11-23 | 国民技术股份有限公司 | A kind of safety chip, mobile terminal and the method realizing mobile terminal system safety |
| CN105260663A (en) * | 2015-09-15 | 2016-01-20 | 中国科学院信息工程研究所 | Secure storage service system and method based on TrustZone technology |
| CN105653412A (en) * | 2015-12-31 | 2016-06-08 | 深圳市金立通信设备有限公司 | Fingerprint device compatibility detection method and terminal |
Also Published As
| Publication number | Publication date |
|---|---|
| CN108242997A (en) | 2018-07-03 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US12355864B1 (en) | Trust framework against systematic cryptographic breach | |
| US11757662B2 (en) | Confidential authentication and provisioning | |
| US11533297B2 (en) | Secure communication channel with token renewal mechanism | |
| CN103460195B (en) | For the system and method for security software update | |
| US9847880B2 (en) | Techniques for ensuring authentication and integrity of communications | |
| CN113128999B (en) | Block chain privacy protection method and device | |
| US20130212385A1 (en) | Utilization of a protected module to prevent offline dictionary attacks | |
| US9531540B2 (en) | Secure token-based signature schemes using look-up tables | |
| CN107317677B (en) | Secret key storage and equipment identity authentication method and device | |
| CN104836784B (en) | A kind of information processing method, client and server | |
| JP6190404B2 (en) | Receiving node, message receiving method and computer program | |
| US20180204004A1 (en) | Authentication method and apparatus for reinforced software | |
| CN106165339A (en) | Method and system for improving data security during communication | |
| CN114240428A (en) | Data transmission method and device, data transaction terminal and data supplier | |
| CN114189862A (en) | Wireless terminal and interface access authentication method of wireless terminal in Uboot mode | |
| CN114745115A (en) | An information transmission method, device, computer equipment and storage medium | |
| CN108242997B (en) | Method and device for secure communication | |
| CN106453430A (en) | Method and device for verifying encrypted data transmission paths | |
| CN111327415A (en) | Alliance link data protection method and device | |
| CN114329522A (en) | Private key protection method, device, system and storage medium | |
| CN114065170A (en) | Method and device for acquiring platform identity certificate and server | |
| KR102005787B1 (en) | Method for Encrypting Certificate | |
| CN110492989A (en) | The processing method of private key, the medium of access method and corresponding method, device | |
| CN115604034A (en) | Encryption and decryption method and system for communication connection and electronic equipment | |
| US11177933B2 (en) | Side channel timing attack mitigation in securing data in transit |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20251120 Address after: Xuhui District Qinzhou road 200233 Shanghai City No. 333 building 41 floor 4 Patentee after: LEADCORE TECHNOLOGY Co.,Ltd. Country or region after: China Address before: Xuhui District Qinzhou road 200233 Shanghai City No. 333 building 41 floor 4 Patentee before: LEADCORE TECHNOLOGY Co.,Ltd. Country or region before: China Patentee before: DATANG SEMICONDUCTOR DESIGN Co.,Ltd. |
