[go: up one dir, main page]

CN117828603A - A method for protecting mobile terminal operating system information based on hardware certificate - Google Patents

A method for protecting mobile terminal operating system information based on hardware certificate Download PDF

Info

Publication number
CN117828603A
CN117828603A CN202311638157.2A CN202311638157A CN117828603A CN 117828603 A CN117828603 A CN 117828603A CN 202311638157 A CN202311638157 A CN 202311638157A CN 117828603 A CN117828603 A CN 117828603A
Authority
CN
China
Prior art keywords
partition
key
mobile terminal
operating system
terminal operating
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202311638157.2A
Other languages
Chinese (zh)
Inventor
范泽武
林伟伟
陈天林
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
South China University of Technology SCUT
Original Assignee
South China University of Technology SCUT
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by South China University of Technology SCUT filed Critical South China University of Technology SCUT
Priority to CN202311638157.2A priority Critical patent/CN117828603A/en
Publication of CN117828603A publication Critical patent/CN117828603A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
    • G06F21/575Secure boot
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0816Key establishment, i.e. cryptographic processes or cryptographic protocols whereby a shared secret becomes available to two or more parties, for subsequent use
    • H04L9/085Secret sharing or secret splitting, e.g. threshold schemes
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0894Escrow, recovery or storing of secret information, e.g. secret key escrow or cryptographic key storage
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/30Public key, i.e. encryption algorithm being computationally infeasible to invert or user's encryption keys not requiring secrecy
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2107File encryption

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computing Systems (AREA)
  • Storage Device Security (AREA)

Abstract

本发明公开了一种基于硬件证书的移动终端操作系统信息保护方法,包括以下步骤:一、在boot分区和recovery分区使用非对称加密算法写入互相印证的证书系统;二、无论通过boot分区或是recovery分区启动都需要确保另一个分区完整性。现有移动终端操作系统可通过在recovery分区写入可启动的第三方系统方式,读取系统分区文件,存在移动终端操作系统文件被直接读取、暴力破解用户密码鉴权等安全问题,本发明将系统所有可启动分区使用非对称加密算法引入证书,只有证书与分区完整,系统才能正常运行,由此来防止系统被恶意篡改,确保用户无法取得系统root权限,无法修改系统文件,具有更高的安全性和便利性。

The present invention discloses a method for protecting information of a mobile terminal operating system based on a hardware certificate, comprising the following steps: 1. Using an asymmetric encryption algorithm to write mutually verified certificate systems in the boot partition and the recovery partition; 2. Whether booting through the boot partition or the recovery partition, the integrity of the other partition needs to be ensured. The existing mobile terminal operating system can read the system partition file by writing a bootable third-party system in the recovery partition, which has security issues such as direct reading of the mobile terminal operating system file and brute force cracking of user password authentication. The present invention introduces certificates into all bootable partitions of the system using an asymmetric encryption algorithm. Only when the certificate and the partition are complete can the system run normally, thereby preventing the system from being maliciously tampered with, ensuring that users cannot obtain the system root authority and cannot modify system files, and has higher security and convenience.

Description

Mobile terminal operating system information protection method based on hardware certificate
Technical Field
The invention relates to the field of encryption protection, in particular to a mobile terminal operating system information protection method based on a hardware certificate.
Background
The current mobile terminal has very high popularity, and the mobile terminal brings higher efficiency, richer experience and more fun for the work and life entertainment of the user. At present, as a mobile terminal mainly represents a smart phone of a product, an initial design of an operating system (including android and IOS) of the smart phone is a consumer product, and requirements of users (especially commercial users) on security stability and custom development are not considered at the beginning of the design, especially the openness of original codes of the android system, so that other smart phones are completely exposed to threats of malicious users. In addition, there are a large number of unrepaired security BUGs for reasons of system design, etc., including release versions of IOS and android.
Specifically, the main security threats faced by the mobile terminal operating system are as follows:
(1) The application obtains the ROOT authority: because An Zhuokai source is used, malicious users can conduct comprehensive security hole research on codes, a large number of ROOT schemes of Zhuo Baochu can be used for acquiring system authorities by a brushless machine, and when a malicious user acquires the highest authority of the system, the system can be threatened by means of injection, fraud, tampering, stealing and the like.
The problem also exists with IOS systems, where historical versions of IOS also have several vulnerabilities that can be used to gain access to the system's ROOT rights in jail-breaking.
(2) XPOSED framework and APP Container: the Xposed Framework (Xposed Framework) is a set of Framework services which are open-source and run in the Android high-authority mode, can influence the running of programs (modifying a system) without modifying an APK file, can be used for manufacturing a plurality of powerful modules based on the Framework services, and can run simultaneously under the condition that functions are not conflicted. The return value of the parameter of any function can be easily obtained and tampered by using the HOOK component of XPOSED.
The Virtual APP is a relatively well-known framework of the APP container, and by utilizing the Virtual APP framework, a malicious user can easily enable any application to run in the memory of the Virtual APP, so that unrestricted control of any application and interception and tampering of information are realized.
(3) Application cloning vulnerabilities: application cloning is to clone an APP on the mobile phone of other people, so that a cloner can easily acquire account rights, steal user account numbers, funds and the like, which is afraid, but an attack model of the application cloning exists, the discovered vulnerability at this time at least relates to one tenth of the APP in the domestic android application market, and the APP is basically an application represented by the mainstream APP, such as a meal ordering class, a trip class and the like, and the APP is more mature in eyes of the user, so that potential safety hazards exist, and the APP can be often broken down.
A laboratory demonstrated the effect of an "apply cloning" attack with a certain APP as an example: on the mobile phone updated to the latest android 8.1.0, an attacker sends a mobile phone short message containing a malicious link to a user by utilizing the vulnerability of the attacker, once the user clicks, the account of the attacker is cloned into the mobile phone of the attacker for one second, and then the attacker can randomly check the user information, directly operate the application, steal the private information, steal the account number, funds and the like. However, the laboratory responsible person indicates that the application cloning loophole discovered at this time is only aimed at the android system.
It is known that based on this attack model, the laboratory checks with some security problem that is often ignored by vendors, and that 27 vulnerabilities are found in 200 mobile applications, in proportion to more than 10%.
(4) Application information fraud: the security event is caused by tampering information in a client or network pipeline, and the following two-dimensional code payment tampering and funds stealing are carried out:
a. tamper two-dimensional code mode, as shown in figure 1;
b. tamper with the transaction data pattern as in fig. 2.
(5) Process injection and information theft: malicious code may be injected into the current process in a number of ways, such as the Cordova plug-in of the IOS; as another example, the principle of payment code can be stolen by ptrace, xposed in android, as shown in fig. 3.
Disclosure of Invention
The invention aims to overcome the defects and shortcomings of the prior art and provide a mobile terminal operating system information protection method based on a hardware certificate, which eliminates risks of tampering and stealing of the existing mobile terminal operating system files and solves the problems that the existing system is easy to be broken by a ROOT (jail), SO (SO) injection, an xposed framework is installed, an APP application end is injected with a Trojan horse and the like.
The aim of the invention is achieved by the following technical scheme:
a mobile terminal operating system information protection method based on hardware certificate includes the following steps:
s1, reading a public key in a recovery partition when a mobile terminal operating system is started through the boot partition;
s2, when the mobile terminal operating system is started through the recovery partition, reading a public key in the boot partition;
s3, after the mobile terminal operating system is started through the boot partition, the public key in the kernel of the partition is added with the public key in the kernel of the recovery partition to verify the system partition;
s4, after the mobile terminal operating system is started through the recovery partition, the public key in the kernel of the partition is added with the public key of the boot partition to verify the system partition;
s5, when the system integrity fingerprint verification fails, the system is started, and the system is shut down.
In step S1, when the mobile terminal operating system uses boot to start, after the kernel loading is completed, decrypting and reading the recovery partition through the public key file b.cer in the kernel of the boot partition, decrypting and reading the encrypted part of the boot partition through the public key file r.cer in the kernel of the recovery partition, and after decrypting, checking the decrypted file by using the public key b.cer in the kernel; when the verification fails, the starting fails.
In step S2, when the mobile terminal operating system starts up by using recovery, after the kernel loading is completed, the boot partition is decrypted by the public key file r.cer in the kernel of the recovery partition, the integrity is checked, the encrypted part of the file is decrypted and read by the public key file b.cer in the kernel of the boot partition, and after the decryption, the decrypted and read file is checked by the public key r.cer in the kernel; when the verification fails, the starting fails.
The step S3 specifically comprises the following steps:
s301: after the mobile terminal operating system is started through boot partition, reading a system integrity key C and a decrypted key combination A of the local verification system;
s302: reading a verification system integrity key C and a decrypted key combination B through public key b.cer decryption in a boot partition kernel;
s303: acquiring a system decryption key A+B and checking an integrity verification key C;
s304: decrypting the read system partition boot-up into the system with decryption key A+B and verifying the system partition integrity with integrity key C;
s305: if the decryption key A+B cannot decrypt the system, the system is exited;
s306: if the integrity key D fails to verify, the starting is stopped.
The step S4 specifically includes the following steps:
s401: after the mobile terminal operating system is started through the recovery partition, reading a local area verification system integrity key D and a decrypted key combination A;
s402: the recovery partition integrity generates a fingerprint decryption reading boot partition reading verification system integrity key D and a decrypted key combination B;
s403: acquiring a system decryption key A+B and checking an integrity verification key D;
s404: decrypting the read system partition with decryption key A+B and verifying the integrity of the system partition with integrity key D;
s405: if the decryption key A+B cannot be decrypted, the system partition exits the system;
s406: if the verification by the integrity fingerprint D fails, the start-up is exited.
The method further comprises the following steps:
the hardware is firstly loaded into the mobile terminal operating system, and encryption initialization is needed to be carried out by using the IMEI of the mobile terminal as a read-write key of the kernel integrity file.
The encryption initialization uses mobile terminal IMEI as read-write key of kernel integrity file, specifically comprising the following steps:
s601: the starting system encrypts the system partition by using an asymmetric encryption algorithm, and divides a private key C into two parts;
s602: dividing a key C into two parts A and B, and respectively storing the two parts A and B in a boot partition and a recovery partition;
s603: and encrypting the boot partition and the recovery partition by using an asymmetric encryption algorithm, wherein a private key is not disclosed, and a read key is stored in an unencrypted kernel part.
Meanwhile, the invention provides:
a server comprising a processor and a memory, wherein at least one section of program is stored in the memory, and the program is loaded and executed by the processor to realize the commercial mobile terminal operating system information protection method based on hardware certificates.
A computer-readable storage medium having stored therein at least one program loaded and executed by a processor to implement the above-described method for protecting operating system information of a commercial mobile terminal based on a hardware certificate.
Compared with the prior art, the invention has the following advantages and beneficial effects:
1. the method for encrypting the bootable partition and encrypting the system partition by using the asymmetric encryption algorithm ensures that the mobile operating system file and the running environment are not influenced by tampering and stealing, and realizes the safety protection. Because the mobile phone terminal only has a decryption algorithm, the core boot\recovery\system partition of the equivalent mobile phone terminal is in an undemandable state.
2. The invention adopts an open architecture, and is convenient for secondary development.
3. The method and the device can prevent the APP of the mobile terminal from being repackaged and the Trojan horse from being added.
4. The invention can avoid the file of the mobile operating system from being stolen and modified.
5. The invention can avoid that the mobile operating system is ROOT, the third party starting system is installed, and the XPOSED and other third party frameworks are installed.
6. The local system file is in a read-only state and cannot be modified by a user, so that all the problems listed above are perfectly solved.
Drawings
FIG. 1 is a schematic diagram of a two-dimensional code tamper scheme;
FIG. 2 is a schematic diagram of a way of tampering with transaction data;
FIG. 3 is a schematic diagram of the principle of ptrace, xposed, stealing payment codes;
FIG. 4 is a partition diagram of an android phone;
FIG. 5 is a schematic diagram of the operating system partition of the mobile terminal according to the present invention;
FIG. 6 is a flowchart of boot initiation of the mobile terminal operating system according to the present invention;
fig. 7 is a flowchart of the mobile terminal operating system according to the present invention for starting the restore mode.
Detailed Description
The present invention will be described in further detail with reference to examples and drawings, but embodiments of the present invention are not limited thereto.
As shown in fig. 4 to 7, a method for protecting information of an operating system of a mobile terminal based on a hardware certificate includes the steps of:
s1, reading a public key in a recovery partition when a mobile terminal operating system is started through the boot partition;
when the mobile terminal operating system is started by using a boot, after kernel loading is completed, decrypting and reading the recovery partition through a public key file b.cer in the kernel of the boot partition, decrypting and reading an encrypted part of the file of the boot partition through a public key file r.cer in the kernel of the recovery partition, and after decrypting, checking the decrypted file by using the public key b.cer in the kernel; when the verification fails, the starting fails.
S2, when the mobile terminal operating system is started through the recovery partition, reading a public key in the boot partition;
when the mobile terminal operating system is started by using recovery, after kernel loading is completed, decrypting the boot partition through a public key file r.cer in the kernel of the recovery partition, checking the integrity, decrypting and reading an encrypted part of file through a public key file b.cer in the kernel of the boot partition, and after decryption, checking and decrypting and reading the file through a public key r.cer in the kernel; when the verification fails, the starting fails.
S3, after the mobile terminal operating system is started through the boot partition, the public key in the kernel of the partition is added with the public key in the kernel of the recovery partition to verify the system partition;
the method specifically comprises the following steps:
s301: after the mobile terminal operating system is started through boot partition, reading a system integrity key C and a decrypted key combination A of the local verification system;
s302: reading a verification system integrity key C and a decrypted key combination B through public key b.cer decryption in a boot partition kernel;
s303: acquiring a system decryption key A+B and checking an integrity verification key C;
s304: decrypting the read system partition boot-up into the system with decryption key A+B and verifying the system partition integrity with integrity key C;
s305: if the decryption key A+B cannot decrypt the system, the system is exited;
s306: if the integrity key D fails to verify, the starting is stopped.
S4, after the mobile terminal operating system is started through the recovery partition, the public key in the kernel of the partition is added with the public key of the boot partition to verify the system partition;
the method specifically comprises the following steps:
s401: after the mobile terminal operating system is started through the recovery partition, reading a local area verification system integrity key D and a decrypted key combination A;
s402: the recovery partition integrity generates a fingerprint decryption reading boot partition reading verification system integrity key D and a decrypted key combination B;
s403: acquiring a system decryption key A+B and checking an integrity verification key D;
s404: decrypting the read system partition with decryption key A+B and verifying the integrity of the system partition with integrity key D;
s405: if the decryption key A+B cannot be decrypted, the system partition exits the system;
s406: if the verification by the integrity fingerprint D fails, the start-up is exited.
S5, when the system integrity fingerprint verification fails, the system is started, and the system is shut down.
The method further comprises the following steps:
the hardware is firstly loaded into the mobile terminal operating system, and encryption initialization is needed to be carried out by using the IMEI of the mobile terminal as a read-write key of the kernel integrity file.
The encryption initialization uses mobile terminal IMEI as read-write key of kernel integrity file, specifically comprising the following steps:
s601: the starting system encrypts the system partition by using an asymmetric encryption algorithm, and divides a private key C into two parts;
s602: dividing a key C into two parts A and B, and respectively storing the two parts A and B in a boot partition and a recovery partition;
s603: and encrypting the boot partition and the recovery partition by using an asymmetric encryption algorithm, wherein a private key is not disclosed, and a read key is stored in an unencrypted kernel part.
Meanwhile, the invention provides:
a server comprising a processor and a memory, wherein at least one section of program is stored in the memory, and the program is loaded and executed by the processor to realize the commercial mobile terminal operating system information protection method based on hardware certificates.
A computer-readable storage medium having stored therein at least one program loaded and executed by a processor to implement the above-described method for protecting operating system information of a commercial mobile terminal based on a hardware certificate.
The normal start-up procedure is shown in fig. 6.
The Bootloader guiding system loads the kernel in the boot partition, reads the b.cer file in the kernel of the boot partition, reads the encryption part of the recovery partition through the b.cer, and reads the decryption key B. Reading an encrypted part of the boot partition through an r.cer in the recovery partition, reading a decryption key A, normally loading the boot partition, decrypting the loading system partition through the decryption key A+B, and checking the integrity of the system partition by using a key D.
The recovery mode (recovery) starts the flow as shown in fig. 7.
The Bootloader booting system loads the kernel in the recovery partition, and reads the b.cer file in the kernel of the boot partition. And reading an encrypted part of the recovery partition through the b.cer in the boot partition, normally loading the recovery partition, and entering a recovery mode system.
The mobile terminal can select two modes to start when starting the boot: boot, normal start; recovery boot, enter recovery mode. Because the user can load an independent and complete third-party operating system by rewriting the recovery guide partition, and because the files of the boot partition and the system partition are common file systems without encryption, the third-party operating system can easily modify part of the system files to realize bypassing of a system security protection mechanism, for example, an ID lock anti-riot cracking mechanism when the system is modified, and realize that the system is free from the entry password of the anti-riot cracking system. The core of the problems is that a malicious user can easily read the system file of the mobile terminal in the mode, and the security mechanism of the mobile terminal can be cracked by writing back the system after modification in decompilation, injection and other modes.
The above examples are preferred embodiments of the present invention, but the embodiments of the present invention are not limited to the above examples, and any other changes, modifications, substitutions, combinations, and simplifications that do not depart from the spirit and principle of the present invention should be made in the equivalent manner, and the embodiments are included in the protection scope of the present invention.

Claims (9)

1.一种基于硬件证书的移动终端操作系统信息保护方法,其特征在于,包括以下步骤:1. A method for protecting information of a mobile terminal operating system based on a hardware certificate, characterized by comprising the following steps: S1、移动终端操作系统通过boot分区启动时读取recovery分区中的公钥;S1. The mobile terminal operating system reads the public key in the recovery partition when starting through the boot partition; S2、移动终端操作系统通过recovery分区启动时读取boot分区中的公钥;S2. When the mobile terminal operating system is started through the recovery partition, it reads the public key in the boot partition; S3、移动终端操作系统通过boot分区启动后,会用本分区内核中公钥加上存在recovery分区内核中的公钥去校验system分区;S3. After the mobile terminal operating system is started through the boot partition, it will use the public key in the kernel of this partition plus the public key in the kernel of the recovery partition to verify the system partition; S4、移动终端操作系统通过recovery分区启动后,会用本分区内核中公钥加上存在boot分区的公钥去校验system分区;S4. After the mobile terminal operating system is started through the recovery partition, it will use the public key in the kernel of this partition plus the public key in the boot partition to verify the system partition; S5、system完整性指纹校验失败时退出启动,并关机。S5. Exit startup and shut down when system integrity fingerprint verification fails. 2.根据权利要求1所述基于硬件证书的移动终端操作系统信息保护方法,其特征在于,步骤S1中,所述移动终端操作系统使用boot启动时,在完成内核加载后,会通过boot分区内核中的公钥文件b.cer来解密读取recovery分区,并通recovery分区内核中的公钥文件r.cer解密读取boot分区加密部分文件,解密后用内核中公钥b.cer校验解密文件;校验失败时,启动失败。2. According to the mobile terminal operating system information protection method based on hardware certificate in claim 1, it is characterized in that, in step S1, when the mobile terminal operating system is started using boot, after the kernel loading is completed, the recovery partition will be decrypted and read through the public key file b.cer in the kernel of the boot partition, and the encrypted part of the boot partition will be decrypted and read through the public key file r.cer in the kernel of the recovery partition. After decryption, the decrypted file is verified with the public key b.cer in the kernel; when the verification fails, the startup fails. 3.根据权利要求1所述基于硬件证书的移动终端操作系统信息保护方法,其特征在于,步骤S2中,所述移动终端操作系统使用recovery启动时,在完成内核加载后,会通过recovery分区内核中的公钥文件r.cer来解密boot分区并校验完整性并通boot分区内核中的公钥文件b.cer解密读取加密部分文件,解密后用内核中公钥r.cer校验解密读取文件;校验失败时,启动失败。3. According to the mobile terminal operating system information protection method based on hardware certificate in claim 1, it is characterized in that in step S2, when the mobile terminal operating system is started using recovery, after the kernel is loaded, the boot partition will be decrypted and the integrity will be verified through the public key file r.cer in the kernel of the recovery partition, and the encrypted part of the file will be decrypted and read through the public key file b.cer in the kernel of the boot partition. After decryption, the public key r.cer in the kernel is used to verify the decrypted and read file; if the verification fails, the startup fails. 4.根据权利要求1所述基于硬件证书的移动终端操作系统信息保护方法,其特征在于,所述步骤S3,具体包括以下步骤:4. According to the method for protecting mobile terminal operating system information based on hardware certificates in claim 1, it is characterized in that the step S3 specifically comprises the following steps: S301:移动终端操作系统通过boot分区启动后,读取本区校验system完整性密钥C和解密的密钥组合A;S301: After the mobile terminal operating system is started through the boot partition, the system integrity verification key C and the decryption key combination A are read from this area; S302:通过boot分区内核中公钥b.cer解密读取recovery分区读取校验system完整性密钥C和解密的密钥组合B;S302: Decrypt and read the recovery partition using the public key b.cer in the kernel of the boot partition to read and verify the system integrity key C and the decrypted key combination B; S303:获取system解密密钥A+B,校验验完整性密钥C;S303: Obtain system decryption key A+B and verify integrity key C; S304:通过解密密钥A+B解密读取system分区启动进入系统,并通过完整性密钥C校验验system分区完整性;S304: decrypt and read the system partition using the decryption key A+B to start the system, and verify the integrity of the system partition using the integrity key C; S305:若解密密钥A+B无法解密系统,则退出系统;S305: If the decryption key A+B cannot decrypt the system, exit the system; S306:若完整性密钥D校验验失败,退出启动。S306: If the integrity key D verification fails, exit the startup. 5.根据权利要求1所述基于硬件证书的移动终端操作系统信息保护方法,其特征在于,所述步骤S4,具体包括以下步骤:5. According to the method for protecting mobile terminal operating system information based on hardware certificates in claim 1, it is characterized in that the step S4 specifically comprises the following steps: S401:移动终端操作系统通过recovery分区启动后,读取本区校验system完整性密钥D和解密的密钥组合A;S401: After the mobile terminal operating system is started through the recovery partition, the system integrity verification key D and the decryption key combination A are read from this area; S402:recovery分区完整性生成指纹解密读取boot分区读取校验system完整性密钥D和解密的密钥组合B;S402: Generate fingerprint for recovery partition integrity, decrypt and read boot partition, read and verify system integrity key D and decrypt key combination B; S403:获取system解密密钥A+B,校验验完整性密钥D;S403: Obtain system decryption key A+B and verify integrity key D; S404:通过解密密钥A+B解密读取system分区并通过完整性密钥D校验验system分区完整性;S404: decrypt and read the system partition using the decryption key A+B and verify the integrity of the system partition using the integrity key D; S405:若解密密钥A+B无法解密,system分区退出系统;S405: If the decryption key A+B cannot be decrypted, the system partition exits the system; S406:如用完整性指纹D校验失败,退出启动。S406: If the integrity fingerprint D verification fails, exit the startup. 6.根据权利要求1所述基于硬件证书的移动终端操作系统信息保护方法,其特征在于,所述方法,还包括以下步骤:6. According to claim 1, the method for protecting mobile terminal operating system information based on hardware certificates is characterized in that the method further comprises the following steps: 硬件首次装入移动终端操作系统,需要进行加密初始化使用移动终端IMEI作为内核完整性文件的读写密钥。When the hardware is first loaded with the mobile terminal operating system, encryption initialization is required to use the mobile terminal IMEI as the read-write key of the kernel integrity file. 7.根据权利要求6所述基于硬件证书的移动终端操作系统信息保护方法,其特征在于,所述加密初始化使用移动终端IMEI作为内核完整性文件的读写密钥,具体包括以下步骤:7. According to claim 6, the method for protecting mobile terminal operating system information based on hardware certificates is characterized in that the encryption initialization uses the mobile terminal IMEI as the read-write key of the kernel integrity file, specifically comprising the following steps: S601:启动系统对system分区使用非对称加密算法加密对system分区进行加密,并将私钥C分成两部分;S601: Start the system to encrypt the system partition using an asymmetric encryption algorithm, and divide the private key C into two parts; S602:将密钥C分成两部分A和B,分别存放于boot分区和recovery分区;S602: Divide the key C into two parts A and B, and store them in the boot partition and the recovery partition respectively; S603:使用非对称加密算法加密boot分区和recovery分区,私钥不公开,读取密钥存放于不加密的内核部分。S603: Encrypt the boot partition and the recovery partition using an asymmetric encryption algorithm. The private key is not disclosed, and the read key is stored in the unencrypted kernel part. 8.一种服务器,其特征在于,所述服务器包括处理器和存储器,所述存储器中存储有至少一段程序,所述程序由所述处理器加载并执行以实现权利要求1至7中任一权利要求所述基于硬件证书的商用移动终端操作系统信息保护方法。8. A server, characterized in that the server includes a processor and a memory, wherein the memory stores at least one program, and the program is loaded and executed by the processor to implement the commercial mobile terminal operating system information protection method based on hardware certificates as described in any one of claims 1 to 7. 9.一种计算机可读存储介质,其特征在于,所述存储介质中存储有至少一段程序,所述程序由处理器加载并执行以实现权利要求1至7中任一权利要求所述基于硬件证书的商用移动终端操作系统信息保护方法。9. A computer-readable storage medium, characterized in that at least one program is stored in the storage medium, and the program is loaded and executed by a processor to implement the commercial mobile terminal operating system information protection method based on hardware certificates as described in any one of claims 1 to 7.
CN202311638157.2A 2023-12-02 2023-12-02 A method for protecting mobile terminal operating system information based on hardware certificate Pending CN117828603A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202311638157.2A CN117828603A (en) 2023-12-02 2023-12-02 A method for protecting mobile terminal operating system information based on hardware certificate

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202311638157.2A CN117828603A (en) 2023-12-02 2023-12-02 A method for protecting mobile terminal operating system information based on hardware certificate

Publications (1)

Publication Number Publication Date
CN117828603A true CN117828603A (en) 2024-04-05

Family

ID=90508724

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311638157.2A Pending CN117828603A (en) 2023-12-02 2023-12-02 A method for protecting mobile terminal operating system information based on hardware certificate

Country Status (1)

Country Link
CN (1) CN117828603A (en)

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104123505A (en) * 2014-07-24 2014-10-29 丹阳市广播电视台 Android intelligent device anti-getroot system and calibration method thereof
CN110110526A (en) * 2019-05-08 2019-08-09 郑州信大捷安信息技术股份有限公司 A kind of safety starting device and method based on safety chip
CN114861191A (en) * 2022-04-27 2022-08-05 北京计算机技术及应用研究所 Embedded equipment safety starting framework and method
CN115640582A (en) * 2022-10-31 2023-01-24 瑞芯微电子股份有限公司 Method for upgrading signed firmware, electronic device and storage medium

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104123505A (en) * 2014-07-24 2014-10-29 丹阳市广播电视台 Android intelligent device anti-getroot system and calibration method thereof
CN110110526A (en) * 2019-05-08 2019-08-09 郑州信大捷安信息技术股份有限公司 A kind of safety starting device and method based on safety chip
CN114861191A (en) * 2022-04-27 2022-08-05 北京计算机技术及应用研究所 Embedded equipment safety starting framework and method
CN115640582A (en) * 2022-10-31 2023-01-24 瑞芯微电子股份有限公司 Method for upgrading signed firmware, electronic device and storage medium

Similar Documents

Publication Publication Date Title
CN110677418B (en) Trusted voiceprint authentication method and device, electronic equipment and storage medium
US10547604B2 (en) Information recording apparatus with shadow boot program for authentication with a server
JP4067985B2 (en) Application authentication system and device
CN101350723B (en) USB Key equipment and method for implementing verification thereof
JP5079803B2 (en) System and method for authenticating a game device
TWI640893B (en) Method of authorizing an operation to be performed on a targeted computing device
CN103502992B (en) For the system and method for anti-tamper guiding
CN109412812B (en) Data security processing system, method, device and storage medium
CN107679425B (en) Trusted boot method based on firmware and USBKey combined full disk encryption
WO2020192406A1 (en) Method and apparatus for data storage and verification
JP2004295271A (en) Card and pass code generator
KR20030057565A (en) Anti-spoofing password protection
CN101340281A (en) Method and system for safe login input on network
JP2004213216A (en) Information security microcomputer and its program developing device and program development system
US20120137372A1 (en) Apparatus and method for protecting confidential information of mobile terminal
CN105975867B (en) Data processing method
US20050257272A1 (en) Information processing unit having security function
JP2019192231A (en) Computer system and method for initializing computer system
CN101441601A (en) Ciphering transmission method of hard disk ATA instruction
CN112765637A (en) Data processing method, password service device and electronic equipment
US11838282B2 (en) Information recording apparatus with server-based user authentication for accessing a locked operating system storage
US20140143896A1 (en) Digital Certificate Based Theft Control for Computers
CN114840863B (en) Secure storage method and system based on trusted embedded device and FTP
CN115357948A (en) Hardware anti-copying encryption method and device based on TEE and encryption chip
CN102542698B (en) Safety protective method of electric power mobile payment terminal

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination