CN118153025A - PCI-E interface cryptographic card design method and PCI-E interface cryptographic card (Google Patents)

Info

Publication number: CN118153025A (application CN202311813769.0A; granted version CN118153025B)
Authority: CN (China)
Prior art keywords: key, chip, pci, interface, password
Legal status: granted, active
Inventors: 张朋新, 王佶
Original and current assignee: China Financial Certification Authority Co., Ltd.
Other languages: Chinese (zh)
Events: application filed by China Financial Certification Authority Co., Ltd.; publication of CN118153025A; application granted; publication of CN118153025B

Classifications (CPC)

G PHYSICS > G06 COMPUTING OR CALCULATING; COUNTING > G06F ELECTRIC DIGITAL DATA PROCESSING > G06F 21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity

    • G06F 21/34: User authentication involving the use of external additional devices, e.g. dongles or smart cards (under G06F 21/30 Authentication, i.e. establishing the identity or authorisation of security principals > G06F 21/31 User authentication)
    • G06F 21/46: Structures or tools for the administration of authentication by designing passwords or checking the strength of passwords (under G06F 21/30 Authentication > G06F 21/45 Structures or tools for the administration of authentication)
    • G06F 21/602: Providing cryptographic facilities or services (under G06F 21/60 Protecting data)

Abstract

The invention provides a PCI-E interface cryptographic card design method and a PCI-E interface cryptographic card. The card comprises an encryption control chip, a security chip, a physical noise source chip and a smart key token (智能密码钥匙, a USB cryptographic token); the encryption control chip is electrically connected to each of the security chip, the physical noise source chip and the smart key token. The method comprises: obtaining random numbers from the physical noise source chip; using those random numbers, performing high-performance cryptographic operations, device management, key data management, key storage and access control in the encryption control chip; encrypting stored key data and managing permissions in the security chip; and authenticating operators and administrators and backing up key data by means of the smart key token. The invention further improves key security, raises the communication rate, and meets the high-speed encryption requirements of devices such as cloud cryptographic machines (cloud HSMs).

Description

PCI-E interface cryptographic card design method and PCI-E interface cryptographic card

Technical Field

The invention relates to the technical field of cryptographic cards, and in particular to a PCI-E interface cryptographic card design method and a PCI-E interface cryptographic card.

Background

A PCI-E interface cryptographic card has a standard PCI-E interface and provides cryptographic operations, key management, random number generation and testing, access control, and file storage management. Such cards are already used in high-end hardware products such as SSL VPN gateways, SVS signature verification servers, timestamp servers and server cryptographic machines (HSMs).

However, the PCI-E cryptographic cards in common use have a low interface communication rate and insufficient cryptographic throughput, and cannot meet the high-speed encryption requirements of devices such as cloud cryptographic machines.

Summary of the Invention

The invention provides a PCI-E interface cryptographic card design method and a PCI-E interface cryptographic card, to overcome the shortcomings of the prior art (a low PCI-E interface communication rate and insufficient cryptographic throughput, so that the high-speed encryption requirements of devices such as cloud cryptographic machines cannot be met) by expanding the number of PCI-E lanes of the card and raising its communication rate and cryptographic throughput.

The invention provides a PCI-E interface cryptographic card design method. The PCI-E interface cryptographic card comprises an encryption control chip, a security chip, a physical noise source chip and a smart key token, the encryption control chip being electrically connected to each of the security chip, the physical noise source chip and the smart key token. The method comprises:

obtaining random numbers from the physical noise source chip;

using the random numbers obtained from the physical noise source chip, performing high-performance cryptographic operations, device management, key data management, key storage and access control in the encryption control chip;

encrypting stored key data and managing permissions in the security chip;

authenticating operators and administrators and backing up key data by means of the smart key token.

According to the PCI-E interface cryptographic card design method of the invention, the key data management comprises:

the encryption control chip manages key data through a three-level key hierarchy. The first-level key is the protection key; the second level comprises one or more of the user key, key encryption key, backup key, communication protection key encryption key, communication protection key, firmware protection key, temporary key, device key and device external authentication key; the third level is the session key.

According to the method of the invention, within the three-level hierarchy the first-level key encrypts and protects the second-level keys: whenever a second-level key is stored inside the cryptographic card, it is first encrypted with the first-level key and only the ciphertext is stored.

According to the method of the invention, the access control is role-based key access control and comprises: permission management is performed inside the security chip, and the permission state is synchronised over the encrypted channel between the encryption control chip and the security chip, so that the two chips enforce access control cooperatively.

The invention also provides a PCI-E interface cryptographic card obtained by the above design method, comprising:

an encryption control chip, which performs high-performance cryptographic operations using the random numbers obtained from the physical noise source chip, and implements device management, key data management, key storage and access control;

a security chip, which encrypts the stored key data handled by the encryption control chip and manages permissions;

a physical noise source chip, which supplies random numbers;

a smart key token, which authenticates operators and administrators and backs up the key data handled by the encryption control chip.

According to the PCI-E interface cryptographic card of the invention, the physical noise source chip specifically comprises a first physical noise source chip and a second physical noise source chip, each electrically connected to the encryption control chip.

According to the card of the invention, it further comprises a power control chip electrically connected to the encryption control chip, which converts the PCI-E slot voltage and supplies power to the other modules of the card.

According to the card of the invention, the physical noise source chip is implemented with two RSP T10 physical noise source chips, giving two random sources that back each other up.

According to the card of the invention, the card connects to the host PC through a PCI-E x16 interface.

According to the card of the invention, it further comprises a key destruction module, electrically connected through a key destruction interface to both the encryption control chip and the security chip, for key destruction and key initialisation.

According to the card of the invention, the key destruction and key initialisation operations comprise:

while the card is powered, on detecting that the destroy button has been pressed, the encryption control chip starts its self-destruct routine and destroys the following keys held inside the card: the temporary key, user key, key encryption key, session key, device external authentication key and the hash of the private-key access control code, after which the device returns to its initial state.

According to the card of the invention, a temperature sensor is electrically connected to the encryption control chip to monitor the chip's temperature;

the encryption control chip is electrically connected through an I/O interface to indicator lights comprising a first status indicator, a second status indicator and a smart-key-token indicator, where the first status indicator shows whether the power supply is normal after the card is powered on, the second status indicator shows whether the card's power-on self-test has passed, and the smart-key-token indicator shows whether a smart key token is connected to the card.

According to the card of the invention, the encryption control chip is an RSP-S20, the security chip is a Z32HUA, and the smart key token is a Utap smart key token.

The invention also provides an electronic device comprising a memory, a processor, and a computer program stored in the memory and executable on the processor, the processor implementing the steps of any of the above PCI-E interface cryptographic card design methods when it executes the program.

The invention also provides a non-transitory computer-readable storage medium storing a computer program which, when executed by a processor, implements the steps of any of the above PCI-E interface cryptographic card design methods.

By providing an encryption control chip and a security chip in the PCI-E interface cryptographic card, the design method and card of the invention expand the number of PCI-E lanes of the card and raise its communication rate; at the same time, encrypting stored data in the security chip further improves key security. The card thereby meets the high-speed encryption requirements of devices such as cloud cryptographic machines and has broader applicability and a wider range of usage scenarios.

Brief Description of the Drawings

To explain the technical solutions of the invention or of the prior art more clearly, the drawings needed for the description of the embodiments or of the prior art are briefly introduced below. The drawings described below are some embodiments of the invention; a person of ordinary skill in the art can derive other drawings from them without inventive effort.

Fig. 1 is a structural block diagram of the PCI-E interface cryptographic card provided by an embodiment of the invention;

Fig. 2 is the overall architecture of the PCI-E interface cryptographic card provided by the invention;

Fig. 3 is a flowchart of the card's power-on self-test provided by an embodiment of the invention;

Fig. 4 is the PCB layout of the PCI-E interface cryptographic card provided by the invention;

Fig. 5 is a schematic diagram of the structure of an electronic device provided by an embodiment of the invention.

Detailed Description

To make the objects, technical solutions and advantages of the invention clearer, the technical solutions of the invention are described clearly and completely below with reference to the drawings. The described embodiments are only some embodiments of the invention, not all of them; all other embodiments that a person of ordinary skill in the art obtains from them without inventive effort fall within the scope of protection of the invention.

A PCI-E interface cryptographic card has a standard PCI-E interface and provides cryptographic operations, key management, random number generation and testing, access control, and file storage management. Such cards are already used in high-end hardware products such as SSL VPN gateways, SVS signature verification servers, timestamp servers and server cryptographic machines.

Most cryptographic cards on the market use a general-purpose FPGA as the management core with external cryptographic algorithm chips as the computing units. Many different chips are used, the implementation is complex, and the manufacturing cost is high. To address this, some high-end cryptographic cards use a PCI-E x8 or x4 interface between the card and the host.

However, these cards have few PCI-E lanes, a low interface communication rate and insufficient cryptographic throughput, and cannot meet the high-speed encryption requirements of devices such as cloud cryptographic machines.

To solve these problems, the invention proposes a PCI-E interface cryptographic card design method and a PCI-E interface cryptographic card. Fig. 1 is a structural block diagram of the card provided by an embodiment of the invention. As shown in Fig. 1, the card comprises an encryption control chip, a security chip, a physical noise source chip and a smart key token, the encryption control chip being electrically connected to each of the security chip, the physical noise source chip and the smart key token. The method comprises:

obtaining random numbers from the physical noise source chip;

using the random numbers obtained from the physical noise source chip, performing high-performance cryptographic operations, device management, key data management, key storage and access control in the encryption control chip;

encrypting stored key data and managing permissions in the security chip;

authenticating operators and administrators and backing up key data by means of the smart key token.

Optionally, the key data management comprises:

the encryption control chip manages key data through a three-level key hierarchy: the first-level key is the protection key; the second level comprises one or more of the user key, key encryption key, backup key, communication protection key encryption key, communication protection key, firmware protection key, temporary key, device key and device external authentication key; the third level is the session key.

Optionally, within the three-level hierarchy the first-level key encrypts and protects the second-level keys: a second-level key stored inside the card is encrypted with the first-level key before it is stored.

Optionally, the role-based key access control comprises: permission management is performed inside the security chip, and the permission state is synchronised over the encrypted channel between the encryption control chip and the security chip, so that the two chips enforce access control cooperatively.

Optionally, the encryption control chip is an RSP-S20, the security chip is a Z32HUA, the smart key token is a Utap smart key token, and the physical noise source is implemented with two RSP T10 physical noise source chips, giving two random sources that back each other up.

Fig. 2 is the overall architecture of the PCI-E interface cryptographic card provided by the invention. As shown in Fig. 2, in this embodiment the card hardware consists of the following five parts:

RSP-S20 chip: the core chip of the PCI-E cryptographic card. Upward it implements PCI-E communication; downward it connects the hardware function modules. Its main functions are obtaining random numbers from the T10 chips, high-performance SM1, SM2, SM3, SM4 and RSA cryptographic operations, device management, key management, key storage and access control;

physical noise source chips: two RSP T10 physical noise source chips providing two random sources that back each other up;

security chip: a Z32HUA security chip implementing key negotiation and other functions;

smart key token: a Utap smart key token from Beijing Zhongjin Guoxin Technology Co., Ltd. (北京中金国信科技有限公司), used for operator and administrator (crypto officer) authentication and for key backup;

power management: converts the PCI-E slot voltage and supplies power to each hardware module.
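The two T10 chips are described as random sources that back each other up, and the self-test section below lists a physical noise source check and a random number test among the card's checks. The following Go program is an added illustration of how such a fail-over can work; it is not code from the patent or from CFCA. Each chip is sampled, the sample is put through two of the FIPS 140-2 power-up statistical tests (monobit and long run, used here only as stand-ins for whatever randomness tests the card actually applies), and the second chip is used only if the first fails. The operating-system CSPRNG stands in for a healthy chip, a constant-output source models a failed one, and all type and function names are the example's own.

```go
package main

import (
	"crypto/rand"
	"fmt"
)

// Power-up statistical test parameters from FIPS 140-2 section 4.9.1 on a
// 20,000-bit sample; a real card would run the GM/T randomness tests instead.
const (
	sampleBytes  = 20000 / 8
	monobitLow   = 9725 // pass if 9725 < ones < 10275
	monobitHigh  = 10275
	longRunLimit = 26 // any run of 26 or more identical bits fails
)

// NoiseSource models one physical noise source chip (the patent's T10).
type NoiseSource interface {
	Name() string
	Read(buf []byte) error
}

// OSSource stands in for a healthy chip, using the operating system CSPRNG.
type OSSource struct{ SourceName string }

func (s OSSource) Name() string { return s.SourceName }

func (s OSSource) Read(buf []byte) error {
	_, err := rand.Read(buf)
	return err
}

// StuckSource models a failed chip whose output has collapsed to a constant.
type StuckSource struct {
	SourceName string
	Value      byte
}

func (s StuckSource) Name() string { return s.SourceName }

func (s StuckSource) Read(buf []byte) error {
	for i := range buf {
		buf[i] = s.Value
	}
	return nil
}

// HealthCheck runs the monobit and long-run tests over one 20,000-bit sample.
func HealthCheck(sample []byte) error {
	if len(sample) != sampleBytes {
		return fmt.Errorf("need %d bytes, got %d", sampleBytes, len(sample))
	}
	ones, run, longest, prev := 0, 0, 0, -1
	for _, b := range sample {
		for i := 7; i >= 0; i-- {
			bit := int(b>>uint(i)) & 1
			ones += bit
			if bit == prev {
				run++
			} else {
				run, prev = 1, bit
			}
			if run > longest {
				longest = run
			}
		}
	}
	if ones <= monobitLow || ones >= monobitHigh {
		return fmt.Errorf("monobit test: %d ones, expected in (%d, %d)", ones, monobitLow, monobitHigh)
	}
	if longest >= longRunLimit {
		return fmt.Errorf("long run test: %d identical bits in a row", longest)
	}
	return nil
}

// SelectSource samples the chips in priority order and returns the first one that
// passes, so the second T10 takes over when the first fails. A nil result means
// both chips failed and the card must refuse to generate keys or random numbers.
func SelectSource(sources ...NoiseSource) (NoiseSource, []error) {
	var failures []error
	for _, s := range sources {
		buf := make([]byte, sampleBytes)
		err := s.Read(buf)
		if err == nil {
			err = HealthCheck(buf)
		}
		if err != nil {
			failures = append(failures, fmt.Errorf("%s: %w", s.Name(), err))
			continue
		}
		return s, failures
	}
	return nil, failures
}
```

Calling SelectSource(StuckSource{"T10#1", 0x00}, OSSource{"T10#2"}) reports the first chip's monobit failure and returns the second chip; with both chips stuck it returns nil and two errors, which is the point at which the card should stop serving random numbers rather than fall back silently. The monobit bounds are tight enough that a genuinely random 20,000-bit sample fails them only about once in ten thousand checks, so a production implementation retries before declaring a chip dead.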

Specifically, the PCI-E interface cryptographic card of this embodiment connects to the host PC through a PCI-E x16 interface implemented by the PCI-E interface module of the RSP-S20 chip, which complies with the PCI Express Base Specification v2.0.

Optionally, in this embodiment the card provides the user with two operating status indicators and one smart-key-token indicator; the two operating status indicators are a power indicator and a power-on self-test indicator.

Specifically, after the card is powered on, the power indicator (red) lights if the supply is normal; the power-on self-test indicator (green) lights once the self-test has completed and passed; when a smart key token is plugged into the card, the token indicator lights green, and when no token is present it lights yellow.

Optionally, the card of this embodiment implements an emergency destroy function by means of a button.

Specifically, while the card is powered, if a button press is detected, the RSP-S20 chip starts its self-destruct routine and destroys the following keys held inside the card: the temporary key, user key, key encryption key, session key, device external authentication key and the hash of the private-key access control code, after which the device returns to its initial state.

In this embodiment, the smart key token interface follows the USB Mass Storage protocol.

The main function of the PCI-E cryptographic card is high-performance execution of cryptographic algorithms, carried out jointly by the encryption control chip's high-speed algorithm engine module and its key cache and algorithm operation module.

By way of example, Table 1 lists the key types of the PCI-E cryptographic card of the invention and their uses.

Table 1

As shown in Table 1, in a specific embodiment the basic SM (Chinese national standard) algorithm operations provided by the RSP-S20 chip are: SM2 signature, signature verification, kP and kG point multiplication, encryption and decryption; SM3 hashing; and SM4 in ECB, CBC, OFB, CFB and CTR modes. In use, key data is obtained through the key cache and algorithm operation module, and the high-speed algorithm engine is configured for the required cryptographic operation to perform the computation. The SM2, SM3 and SM4 application functions offered to the upper layer include key management and access control.

Specifically, the card supports a three-level key hierarchy: level one is the protection key; level two comprises the user key, key encryption key, backup key, communication protection key encryption key, communication protection key, firmware protection key, temporary key, device key and device external authentication key; level three is the session key. In this hierarchy the protection key encrypts and protects the second-level keys: when a key is stored inside the card, it is encrypted with the protection key before it is stored.
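The hierarchy just described (a level-1 protection key that wraps every level-2 key at rest, with volatile level-3 session keys) and the button-triggered destroy routine described earlier can be modelled together. The following Go program is an added example, not code from the patent or from CFCA. AES-256-GCM from the Go standard library stands in for whatever algorithm the card uses to wrap level-2 keys (the patent does not say; this is an assumption), the GCM associated data binds each stored blob to its key identifier and key class so that a blob cannot be unwrapped under a different class, and EmergencyDestroy zeroises exactly the classes the patent lists. Note what that list leaves in place: the protection key, backup key, device key and firmware protection key survive a destroy, which is consistent with the text but worth knowing when evaluating the destroy button as a tamper response. All identifiers are the example's own.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// KeyClass names the level-2 key types the patent lists; the identifiers are the example's own.
type KeyClass string

const (
	UserKey            KeyClass = "user"
	KeyEncryptionKey   KeyClass = "kek"
	BackupKey          KeyClass = "backup"
	CommProtectKEK     KeyClass = "comm-kek"
	CommProtectKey     KeyClass = "comm"
	FirmwareProtectKey KeyClass = "firmware"
	TemporaryKey       KeyClass = "temporary"
	DeviceKey          KeyClass = "device"
	DeviceExtAuthKey   KeyClass = "ext-auth"
)

// wipedOnButton is exactly the level-2 set the patent's self-destruct routine erases.
var wipedOnButton = map[KeyClass]bool{TemporaryKey: true, UserKey: true, KeyEncryptionKey: true, DeviceExtAuthKey: true}

// entry is one stored key: level 2 holds only ciphertext under the protection key; level 3 (session) holds plaintext in RAM only.
type entry struct {
	level int
	class KeyClass
	nonce []byte
	data  []byte
}

// Card models the RSP-S20 key store.
type Card struct {
	protection cipher.AEAD // level 1: generated inside the chip, never exported
	keys       map[string]entry
}

// NewCard generates the protection key; AES-256-GCM stands in for the card's SM4 (assumption).
func NewCard() (*Card, error) {
	pk := make([]byte, 32)
	if _, err := rand.Read(pk); err != nil {
		return nil, err
	}
	block, _ := aes.NewCipher(pk) // a 32-byte key cannot fail
	aead, _ := cipher.NewGCM(block)
	return &Card{protection: aead, keys: map[string]entry{}}, nil
}

// aad binds a blob to its id and class, so a stored user key can never be unwrapped as, say, the KEK.
func aad(id string, class KeyClass) []byte { return []byte(id + "|" + string(class)) }

// ImportLevel2 wraps a level-2 key under the protection key; only the ciphertext is kept.
func (c *Card) ImportLevel2(id string, class KeyClass, key []byte) error {
	nonce := make([]byte, c.protection.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return err
	}
	c.keys[id] = entry{2, class, nonce, c.protection.Seal(nil, nonce, key, aad(id, class))}
	return nil
}

// UseLevel2 unwraps a key for an operation; the caller's class must match the stored one.
func (c *Card) UseLevel2(id string, class KeyClass) ([]byte, error) {
	e, ok := c.keys[id]
	if !ok || e.level != 2 {
		return nil, errors.New("no such level-2 key")
	}
	return c.protection.Open(nil, e.nonce, e.data, aad(id, class))
}

// NewSession creates a level-3 session key; it is never written to the wrapped store.
func (c *Card) NewSession(id string) ([]byte, error) {
	k := make([]byte, 16)
	if _, err := rand.Read(k); err != nil {
		return nil, err
	}
	c.keys[id] = entry{level: 3, data: k}
	return k, nil
}

// EmergencyDestroy is the button-triggered routine: zeroise the listed level-2 keys and every
// session key. Protection, backup, device and firmware-protection keys are not on the patent's list.
func (c *Card) EmergencyDestroy() int {
	wiped := 0
	for id, e := range c.keys {
		if e.level == 3 || wipedOnButton[e.class] {
			for i := range e.data {
				e.data[i] = 0
			}
			delete(c.keys, id)
			wiped++
		}
	}
	return wiped
}
```

A user key imported with ImportLevel2("user-1", UserKey, k) unwraps only through UseLevel2("user-1", UserKey); asking for it as KeyEncryptionKey fails GCM authentication because the associated data differs. After EmergencyDestroy the same call fails because the entry is gone, while a backup key imported beside it is still usable, mirroring the destroy list in the text.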

In this embodiment, the card uses a role-based access control policy.

Specifically, operators log in with a smart key token; permission management is performed inside the card's security chip, and the permission state is synchronised over the encrypted channel between the card's RSP-S20 chip and the security chip, so that the RSP-S20 and the security chip enforce access control cooperatively.

In more detail: the development and manufacturing stage of the card covers hardware design, software development and program download. In the initial application stage, the first step is to generate the protection key, under the control of the RSP-S20 chip, which sets the life-cycle state and forbids operations that do not belong to the current state; the second step is to install the device information, likewise controlled by the RSP-S20 chip with the same life-cycle gating; the third step is to set the initial PIN of the smart key token; the fourth step is to generate or install the backup key, again controlled by the RSP-S20 chip with life-cycle gating. In the use stage, all operations other than the first three steps are carried out, again under RSP-S20 control with life-cycle gating. In the decommissioning stage, all users in the card are deregistered and the registered administrator (crypto officer) and operator smart key tokens are all locked, achieving secure destruction; after this the card can no longer be used.

The permission states of the PCI-E cryptographic card are:

No privilege: after the card's hardware power-on self-test succeeds, the card enters the no-privilege state.

User (operator) privilege: after a successful login to the card with an operator smart key token, the card enters the operator privilege state.

Administrator (crypto officer) privilege: after a successful login with an administrator (crypto officer) smart key token, the card enters the administrator privilege state.

Super-administrator privilege: once more than half of the registered administrator (crypto officer) smart key tokens have successfully logged in, the card enters the super-administrator privilege state. At most 3 administrators (crypto officers) can be registered, and key backup and restore cannot be performed unless 3 administrator smart key tokens are registered.
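The four states, the "more than half of the registered crypto officers" quorum, the three-officer ceiling and the precondition on backup and restore are easy to get subtly wrong (with two officers registered, "more than half" means both). The following Go program is an added example of the state derivation, not the patent's or CFCA's code; PIN verification is assumed to happen on the token, so only the outcome of a login is modelled, and all identifiers are the example's own.

```go
package main

import "errors"

// Privilege is the card's global permission state.
type Privilege int

const (
	NoPrivilege        Privilege = iota // after a successful power-on self-test
	Operator                            // an operator token has logged in
	Administrator                       // a crypto officer token has logged in
	SuperAdministrator                  // more than half of the registered officers have logged in
)

var privilegeNames = [...]string{"no privilege", "operator", "administrator", "super-administrator"}

func (p Privilege) String() string { return privilegeNames[p] }

// MaxOfficers is the patent's ceiling on registered administrators (crypto officers).
const MaxOfficers = 3

// AccessControl is the login picture from which the RSP-S20 derives the global state.
type AccessControl struct {
	registered map[string]bool // enrolled crypto-officer token serials
	officers   map[string]bool // officer tokens currently logged in
	operators  map[string]bool // operator tokens currently logged in
}

func NewAccessControl() *AccessControl {
	return &AccessControl{registered: map[string]bool{}, officers: map[string]bool{}, operators: map[string]bool{}}
}

// RegisterOfficer enrols a crypto officer token, refusing a fourth one.
func (a *AccessControl) RegisterOfficer(serial string) error {
	if len(a.registered) >= MaxOfficers && !a.registered[serial] {
		return errors.New("at most 3 crypto officers may be registered")
	}
	a.registered[serial] = true
	return nil
}

// LoginOperator and LoginOfficer record a successful token authentication; the
// PIN check itself happens on the token and is not modelled here.
func (a *AccessControl) LoginOperator(serial string) { a.operators[serial] = true }

func (a *AccessControl) LoginOfficer(serial string) error {
	if !a.registered[serial] {
		return errors.New("token is not a registered crypto officer")
	}
	a.officers[serial] = true
	return nil
}

func (a *AccessControl) Logout(serial string) {
	delete(a.officers, serial)
	delete(a.operators, serial)
}

// State derives the global privilege from who is logged in. "More than half"
// means both officers when two are registered, and any two when three are.
func (a *AccessControl) State() Privilege {
	switch n := len(a.officers); {
	case n > 0 && 2*n > len(a.registered):
		return SuperAdministrator
	case n > 0:
		return Administrator
	case len(a.operators) > 0:
		return Operator
	}
	return NoPrivilege
}

// BackupAllowed enforces the patent's two conditions on key backup and restore:
// all three officer tokens registered, and a super-administrator quorum present.
func (a *AccessControl) BackupAllowed() error {
	if len(a.registered) < MaxOfficers {
		return errors.New("key backup and restore need all 3 crypto officer tokens registered")
	}
	if a.State() != SuperAdministrator {
		return errors.New("super-administrator quorum not logged in")
	}
	return nil
}
```

Because State is recomputed from the login sets on every call, logging an officer out drops the card from super-administrator to administrator immediately, and a backup started under a quorum cannot continue once the quorum is gone unless the caller re-checks BackupAllowed before each sensitive step.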

基于上述权限管理状态,设置权限状态转换机制。Based on the above permission management status, a permission status conversion mechanism is set.

具体地,根据PCI-E密码卡上电状态和操作员与管理员(密码主管)智能密码钥匙登录状态,RSP-S20芯片实现全局权限状态的转换,并将无权限状态、操作员权限状态以及私钥访问控制码验证情况通过安全方式传递给安全芯片的密钥缓存模块。Specifically, according to the power-on status of the PCI-E password card and the login status of the operator and administrator (password supervisor) smart password keys, the RSP-S20 chip implements the conversion of the global permission status, and transmits the unauthorized status, operator permission status and private key access control code verification status to the key cache module of the security chip in a secure manner.
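The life-cycle gating and permission states described above, as an added Python illustration (not the card's firmware and not code from the patent): a Card object plays the part of the RSP-S20, with stage and operation names assumed. The rules it fixes are the ones stated here: no permission after a successful power-on self-test (a failed one leaves the card unusable), operator and administrator states from key logins, super-administrator only when more than half of the registered administrator keys are logged in, at most three administrators, and key backup or restore only once three are registered.

```python
from enum import Enum, auto


class Stage(Enum):  # life-cycle stages after manufacturing, as the description lists them
    GEN_PROTECTION_KEY = auto()   # initial application stage, step 1
    INSTALL_DEVICE_INFO = auto()  # step 2
    SET_INITIAL_PIN = auto()      # step 3
    SETUP_BACKUP_KEY = auto()     # step 4: generate or install the backup key
    IN_USE = auto()
    ABOLISHED = auto()


class Perm(Enum):
    NONE = auto()
    OPERATOR = auto()
    ADMIN = auto()        # administrator (cryptographic supervisor)
    SUPER_ADMIN = auto()  # more than half of the registered admin keys logged in


MAX_ADMINS = 3

# Initial-stage steps: stages allowing each step, and the stage entered afterwards
# (step 4 may be repeated in the use stage: "all operations except the first three").
LIFECYCLE_STEPS = {
    "generate_protection_key": ({Stage.GEN_PROTECTION_KEY}, Stage.INSTALL_DEVICE_INFO),
    "install_device_info": ({Stage.INSTALL_DEVICE_INFO}, Stage.SET_INITIAL_PIN),
    "set_initial_pin": ({Stage.SET_INITIAL_PIN}, Stage.SETUP_BACKUP_KEY),
    "setup_backup_key": ({Stage.SETUP_BACKUP_KEY, Stage.IN_USE}, Stage.IN_USE),
}

# Use-stage operations and the states allowed to run them (assumed, except backup/restore).
USE_OPS = {
    "sign": {Perm.OPERATOR},
    "backup_keys": {Perm.SUPER_ADMIN},
    "restore_keys": {Perm.SUPER_ADMIN},
}


class Card:
    def __init__(self):
        self.stage = Stage.GEN_PROTECTION_KEY  # manufacturing finished
        self.powered = False
        self.keys = {"admin": set(), "operator": set()}  # registered key ids
        self.logged_admins = set()
        self.logged_operator = None

    def power_on(self, self_test_ok=True):
        # success: no-permission state, earlier logins discarded; failure: unusable
        self.powered = self_test_ok
        self.logged_admins.clear()
        self.logged_operator = None

    def abolish(self):  # decommission: deregister all users, lock every key
        self.power_on(self_test_ok=False)
        self.keys = {"admin": set(), "operator": set()}
        self.stage = Stage.ABOLISHED

    def _require_alive(self):
        if not self.powered or self.stage is Stage.ABOLISHED:
            raise PermissionError("card is not powered or has been decommissioned")

    def register(self, role, key_id):
        if role == "admin" and len(self.keys["admin"]) >= MAX_ADMINS:
            raise ValueError("at most 3 administrator keys can be registered")
        self.keys[role].add(key_id)

    def login(self, key_id):
        self._require_alive()
        if key_id in self.keys["admin"]:
            self.logged_admins.add(key_id)
        elif key_id in self.keys["operator"]:
            self.logged_operator = key_id
        else:
            raise PermissionError("unregistered smart cryptographic key")

    def permission(self):
        if not self.powered or self.stage is Stage.ABOLISHED:
            return Perm.NONE
        n_admins, n_logged = len(self.keys["admin"]), len(self.logged_admins)
        if n_logged and 2 * n_logged > n_admins:
            return Perm.SUPER_ADMIN
        if n_logged:
            return Perm.ADMIN
        return Perm.OPERATOR if self.logged_operator is not None else Perm.NONE

    def execute(self, op):
        self._require_alive()
        if op in LIFECYCLE_STEPS:
            allowed, next_stage = LIFECYCLE_STEPS[op]
            if self.stage not in allowed:
                raise PermissionError(f"{op} is not allowed in stage {self.stage.name}")
            self.stage = next_stage
            return "ok"
        if self.stage is not Stage.IN_USE:
            raise PermissionError(f"{op} is only allowed in the use stage")
        if self.permission() not in USE_OPS[op]:  # unknown op raises KeyError
            raise PermissionError(f"{op} refused in state {self.permission().name}")
        if op in ("backup_keys", "restore_keys") and len(self.keys["admin"]) < MAX_ADMINS:
            raise PermissionError("key backup/restore needs 3 registered administrator keys")
        return "ok"
```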

Optionally, the PCI-E interface cryptographic card provided by the embodiment of the present invention further includes a self-test module, which specifically comprises:

Device self-test module: the device self-test module of the PCI-E cryptographic card performs the power-on self-test and the in-use self-test, and works with the PC-side software to carry out factory testing and periodic testing of the device. Its main checks are: hardware module interface check, hardware fault self-test, physical noise source chip check, random number check, cryptographic algorithm correctness check, and firmware and data integrity check.

Algorithm self-test: the self-test module checks the algorithm functions at factory test, at power-on, when a key pair is generated, and when the PC-side software calls the self-test API. At factory test, at power-on and on an API call, all algorithm functions are checked in full; when a key pair is generated, the correctness of that key pair is checked.

Specifically, the RSP-S20 chip uses preset test data (known-answer tests) to self-test SM2 key-pair consistency, SM2 signing and verification, SM2 encryption and decryption, SM3, and SM4 in ECB, CBC, MAC, OFB, CFB and CTR modes; the Z32HUA security chip self-tests SM1 in ECB, CBC, OFB, CFB and MAC modes, RSA-2048 key-pair consistency, RSA-2048 signing and verification, and RSA-2048 encryption and decryption.

Further, the card is considered to have passed the algorithm self-test only if SM1, SM2, SM3, SM4 and RSA-2048 all pass. If any algorithm produces a result that differs from the expected one, that algorithm's self-test fails and the card's algorithm self-test as a whole fails. When the algorithm self-test fails, the card only offers the functions of querying the hardware fault code and obtaining device information.

Firmware integrity self-test: the firmware of the PCI-E cryptographic card consists of the embedded COS firmware inside the RSP-S20 chip and inside the Z32HUA security chip. Before the card leaves the factory, the firmware is programmed into the internal FLASH of the RSP-S20 chip and of the Z32HUA security chip respectively. In use, the card's internal firmware cannot be erased or modified, and the embedded firmware only runs inside the RSP-S20 chip and the security chip.

Specifically, firmware integrity is enforced with a firmware protection key, which is generated by the production smart cryptographic key (an SJK1977 smart cryptographic key).

Before the card leaves the factory, once the COS firmware has been loaded into the RSP-S20 chip and the Z32HUA security chip, the production tool software first computes the hash of the COS firmware, then calls the "SM2 signature" application interface of the production-specific smart cryptographic key to sign the firmware hash with the production key, and finally imports the signature and the production public key into the RSP-S20 chip and the Z32HUA security chip respectively, where they are saved in the internal storage area.

Each time the device is powered on, it determines from the life-cycle state whether a firmware integrity self-test is required: if the life-cycle state is any state after the manufacturing stage, the device runs the firmware integrity self-test.

When a shipped device powers on, the embedded COS firmware in the RSP-S20 chip and in the Z32HUA security chip reads the code area and computes its hash, then reads the production signature and the production public key, and finally verifies the signature. If verification succeeds, the firmware integrity check passes; otherwise it fails and the device enters an error state.

The firmware of the RSP-S20 chip and of the Z32HUA security chip provides no interface for exporting or modifying the production key data or the internal firmware. The device relies on the security protection features of the RSP-S20 chip and the Z32HUA security chip together with the security controls of the embedded COS firmware to preserve the integrity and confidentiality of the firmware and sensitive security parameters it stores, so that they are difficult to steal or tamper with.

Static stored-data integrity self-test: the Z32HUA chip's data integrity self-test runs at device power-on. The key data and sensitive data stored in the PCI-E cryptographic card are saved together with their SM3 digest. The key data and sensitive data are decrypted, SM3 is recomputed over them, and the computed digest is compared with the stored original value to determine whether the data is intact.

Hardware module interface self-test: the self-test module sends test commands to confirm that each hardware module interface communicates normally. The test commands mainly include those between the RSP-S20 and the security chip and those between the RSP-S20 and the smart cryptographic key adapter.

At factory test, at power-on and when the PC-side software calls the self-test API, the algorithm functions are checked, and when a key pair is generated its correctness is checked, which realises the algorithm self-test;

the embedded COS firmware inside the encryption control chip and the security chip is verified, which realises the firmware integrity self-test;

the key data and sensitive data stored inside the card are decrypted, a digest is computed over them and compared with the stored original value to judge data integrity, which realises the static stored-data integrity self-test.

FIG. 3 is a flowchart of the power-on self-test of the cryptographic card provided by an embodiment of the present invention. As shown in FIG. 3, the power-on self-test consists mainly of: hardware interface self-test, physical noise source chip self-test, random number self-test, algorithm self-test, security chip firmware integrity self-test, and RSP-S20 firmware and key integrity self-test. Once all power-on self-tests have passed, the RSP-S20 chip lights the card's working status light. If any self-test fails, the working status light stays off, the fault status bit is set, only the functions of querying the hardware fault code and obtaining device information are executed, and all other functions such as cryptographic operations are refused. The detailed power-on self-test flow is as follows:

Step 301, hardware interface self-test:

In this step, the hardware interface self-test checks the SPI communication interface between the RSP-S20 and the security chip, the PCI-E communication interface of the RSP-S20, and the SPI communication interface between the RSP-S20 and the smart cryptographic key controller;

Step 302, physical noise source chip self-test:

In this step, the RSP-S20 obtains random numbers from a single physical noise source chip, runs randomness tests on them, and decides from the results whether that chip is working normally. The two physical noise source chips are self-tested one after the other in this way. If either chip fails, the power-on self-test of the physical noise source chips fails;

Step 303, random number self-test:

In this step, the RSP-S20 XORs the random numbers produced by the two physical noise source chips and runs the random number self-test on the XOR result;

Step 304, algorithm self-test:

In this step, the algorithm self-test is carried out by the Z32HUA, which self-tests the algorithm functions according to the algorithm self-test procedure described above. If any algorithm fails, the algorithm power-on self-test fails;

Step 305, security chip firmware integrity self-test:

In this step, the card's security chip performs its firmware integrity self-test;

Step 306, RSP-S20 firmware and key integrity self-test:

In this step, the card's RSP-S20 chip performs its firmware integrity self-test and the key integrity self-test;

Step 307, the RSP-S20 and the security chip establish an encrypted channel for data transmission.
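The power-on sequence of steps 301 to 307 and its fail-closed rule (fault bit set, status light off, only fault-code query and device-info commands left), as an added Python illustration that is not the card's COS firmware. The hardware, algorithm and firmware checks are simulated probes; the noise-source checks and the stored-key integrity check are worked through, with SHA-256 standing in for SM3, a keystream XOR standing in for protection-key encryption, constructed randomness thresholds, and constructed device info and key records.

```python
import hashlib
import hmac
from itertools import groupby

DEVICE_INFO = {"model": "constructed-pcie-card", "firmware": "example"}


def sample_from(seed: bytes, nbytes: int = 512) -> bytes:
    """Deterministic stand-in for bytes read from a noise source chip."""
    out, h = b"", seed
    while len(out) < nbytes:
        h = hashlib.sha256(h).digest()
        out += h
    return out[:nbytes]


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def randomness_ok(sample: bytes) -> bool:
    """Illustrative randomness check: monobit frequency and longest run.
    The bounds are constructed for this example, not taken from a standard."""
    bits = "".join(f"{b:08b}" for b in sample)
    ones = bits.count("1")
    if not 0.45 * len(bits) <= ones <= 0.55 * len(bits):
        return False
    return max(len(list(run)) for _, run in groupby(bits)) <= 34


def store_key(protection_key: bytes, name: str, key_bytes: bytes) -> dict:
    """Keep key data encrypted under the protection key next to the digest of its
    plaintext (keystream XOR stands in for the card's cipher, SHA-256 for SM3)."""
    blob = xor(key_bytes, sample_from(protection_key + name.encode(), len(key_bytes)))
    return {"name": name, "blob": blob, "digest": hashlib.sha256(key_bytes).digest()}


def record_intact(protection_key: bytes, rec: dict) -> bool:
    # power-on check: decrypt, recompute the digest, compare with the stored one
    plain = xor(rec["blob"], sample_from(protection_key + rec["name"].encode(), len(rec["blob"])))
    return hmac.compare_digest(hashlib.sha256(plain).digest(), rec["digest"])


class SelfTestCard:
    """Runs steps 301-306 in order; the fault code of the first failed step is
    kept, the status light stays off and only two commands remain usable."""
    ALLOWED_WHEN_FAULTY = {"query_fault_code", "get_device_info"}

    def __init__(self, probes, noise_chips, protection_key, records):
        self.probes = probes            # simulated outcomes of steps 301, 304, 305, 306 (firmware)
        self.noise_chips = noise_chips  # two callables returning raw noise bytes
        self.pkey = protection_key
        self.records = records
        self.fault_code = None
        self.status_light = False
        self.channel_open = False

    def _steps(self):
        return [
            (301, lambda: all(self.probes["interfaces"])),
            # step 302 tests each chip on its own: a stuck chip is caught here even
            # though XOR-ing it with a healthy one (step 303) would still look random
            (302, lambda: all(randomness_ok(chip()) for chip in self.noise_chips)),
            (303, lambda: randomness_ok(xor(*(chip() for chip in self.noise_chips)))),
            (304, lambda: self.probes["algorithms"]),
            (305, lambda: self.probes["security_chip_firmware"]),
            (306, lambda: self.probes["rsp_firmware"]
                  and all(record_intact(self.pkey, r) for r in self.records)),
        ]

    def power_on(self) -> bool:
        self.fault_code, self.status_light, self.channel_open = None, False, False
        for step, check in self._steps():
            if not check():
                self.fault_code = step      # fault status bit set, light stays off
                return False
        self.status_light = True
        self.channel_open = True            # step 307: RSP-S20/security chip channel
        return True

    def command(self, name: str):
        if self.fault_code is not None and name not in self.ALLOWED_WHEN_FAULTY:
            raise PermissionError(f"self-test fault {self.fault_code}: {name} refused")
        if name == "query_fault_code":
            return self.fault_code
        if name == "get_device_info":
            return DEVICE_INFO
        return f"{name}: ok"


def make_card(noise_chips=None, tamper=False) -> SelfTestCard:
    """Constructed card: healthy probes, two simulated noise chips, two stored keys."""
    pkey = b"constructed-protection-key"
    chips = noise_chips or [lambda: sample_from(b"noise-chip-1"), lambda: sample_from(b"noise-chip-2")]
    records = [store_key(pkey, "device_key", b"K" * 32), store_key(pkey, "user_key_1", b"U" * 16)]
    if tamper:  # flip one bit of a stored ciphertext
        blob = records[0]["blob"]
        records[0]["blob"] = bytes([blob[0] ^ 0x01]) + blob[1:]
    probes = {"interfaces": [True, True, True], "algorithms": True,
              "security_chip_firmware": True, "rsp_firmware": True}
    return SelfTestCard(probes, chips, pkey, records)
```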

Optionally, the PCI-E interface cryptographic card provided by the embodiment of the present invention further includes a key management module.

Specifically, the Z32HUA chip defines an internal key storage structure for storing keys securely; it stores key data encrypted under the protection key, and the key data format is the same as the SM2 key-pair and symmetric-key data structures defined in the relevant standards of the State Cryptography Administration.

In a specific embodiment, data transfer between the RSP-S20 chip and the security chip of the PCI-E cryptographic card uses the card's internal SPI interface. The RSP-S20 and the security chip share a communication protection key, which is distributed by means of a digital envelope under the communication protection key encryption key, so that data transfer between the two chips is protected.

Specifically, before the card leaves the factory, the device initialisation tool generates the communication protection key encryption key, which is stored encrypted in the RSP-S20 chip. When the card is in use, the security chip generates a set of random numbers as the communication protection key between itself and the RSP-S20, reads the public key of the communication protection key encryption key from the RSP-S20, and shares the communication protection key with it through the digital envelope mechanism. Apart from the hardware interface check commands, all data transferred between the RSP-S20 and the security chip is encrypted under the communication protection key.

In this embodiment, permission management and access control are implemented jointly by the permission management control module of the RSP-S20 and the partial permission control module of the security chip; the RSP-S20 synchronises the current permission state to the security chip over the encrypted channel between the two chips inside the card.

Specifically, the user permission management control module of the RSP-S20 combines life-cycle management, registration and login with smart cryptographic keys, and the division and control of the functions available to each permission level to realise permission management control. The partial permission control module of the security chip enforces key-usage permission control according to the permission state that the RSP-S20 synchronises to it over the secure data transfer channel between the security chip and the RSP-S20.

FIG. 4 is the PCB layout of the PCI-E interface cryptographic card provided by the present invention. As shown in FIG. 4, the present invention designs a PCI-E interface cryptographic card based on the RSP_S20 chip. The card's PCI-E interface has X16 lanes, each with a maximum transfer rate of 4Gb/s, which solves the problem of existing PCI-E cryptographic cards having few lanes and low communication rates, meets the high-speed encryption requirements of devices such as cloud cryptographic machines, and gives the card stronger applicability and a wider range of use scenarios.

FIG. 5 is a schematic structural diagram of an electronic device provided by an embodiment of the present invention. As shown in FIG. 5, the electronic device 500 may include a processor 510, a communications interface 520, a memory 530 and a communication bus 540, where the processor 510, the communications interface 520 and the memory 530 communicate with one another over the communication bus 540. The processor 510 may call the logic instructions in the memory 530 to execute the PCI-E interface cryptographic card design method, which includes: obtaining random numbers through the physical noise source chip; based on the random numbers obtained by the physical noise source chip, performing high-performance cryptographic operations, device management, key data management, key storage and access control through the encryption control chip; encrypting, storing and managing the permissions of key data through the security chip; and implementing operator and administrator identity authentication and key data backup through the smart cryptographic key.

In addition, when the logic instructions in the memory 530 are implemented as software functional units and sold or used as an independent product, they may be stored in a computer-readable storage medium. On this understanding, the technical solution of the present invention in essence, or the part that contributes to the prior art, or part of the technical solution, may be embodied as a software product stored in a storage medium and comprising a number of instructions that cause a computer device (which may be a personal computer, a server, a network device, etc.) to perform all or part of the steps of the method described in each embodiment of the present invention. The storage medium includes a USB flash drive, a removable hard disk, read-only memory (ROM), random access memory (RAM), a magnetic disk, an optical disc, or any other medium that can store program code.

In another aspect, the present invention also provides a computer program product comprising a computer program, which may be stored on a non-transitory computer-readable storage medium; when the computer program is executed by a processor, the computer is able to carry out the PCI-E interface cryptographic card design method, which includes: obtaining random numbers through the physical noise source chip; based on the random numbers obtained by the physical noise source chip, performing high-performance cryptographic operations, device management, key data management, key storage and access control through the encryption control chip; encrypting, storing and managing the permissions of key data through the security chip; and implementing operator and administrator identity authentication and key data backup through the smart cryptographic key.

In yet another aspect, the present invention also provides a non-transitory computer-readable storage medium on which a computer program is stored; when executed by a processor, the computer program carries out the PCI-E interface cryptographic card design method, which includes: obtaining random numbers through the physical noise source chip; based on the random numbers obtained by the physical noise source chip, performing high-performance cryptographic operations, device management, key data management, key storage and access control through the encryption control chip; encrypting, storing and managing the permissions of key data through the security chip; and implementing operator and administrator identity authentication and key data backup through the smart cryptographic key.

The device embodiments described above are merely illustrative: the units described as separate components may or may not be physically separate, and the components shown as units may or may not be physical units, that is, they may be located in one place or distributed over several network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of this embodiment. Those of ordinary skill in the art can understand and implement it without creative effort.

From the description of the above embodiments, those skilled in the art will clearly understand that each embodiment may be implemented by software plus a necessary general-purpose hardware platform, and of course also by hardware. On this understanding, the above technical solution in essence, or the part that contributes to the prior art, may be embodied as a software product that can be stored in a computer-readable storage medium such as ROM/RAM, a magnetic disk or an optical disc, and that comprises a number of instructions to cause a computer device (which may be a personal computer, a server, a network device, etc.) to perform the methods described in each embodiment or in some parts of the embodiments.

Finally, it should be noted that the above embodiments are only intended to illustrate the technical solutions of the present invention, not to limit them. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art should understand that they may still modify the technical solutions described in the foregoing embodiments or replace some of their technical features with equivalents, and that such modifications or replacements do not take the essence of the corresponding technical solutions outside the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims (13)

1. A PCI-E interface cryptographic card design method, characterised in that the PCI-E interface cryptographic card comprises an encryption control chip, a security chip, a physical noise source chip and a smart cryptographic key, wherein the encryption control chip is electrically connected to the security chip, the physical noise source chip and the smart cryptographic key respectively, and the method comprises the following steps:
acquiring random numbers through the physical noise source chip;
based on the random numbers acquired by the physical noise source chip, performing high-performance cryptographic operations, device management, key data management, key storage and access control through the encryption control chip;
encrypting, storing and managing the permissions of the key data through the security chip;
and implementing operator and administrator authentication and key data backup through the smart cryptographic key.
2. The PCI-E interface cryptographic card design method according to claim 1, wherein the key data management comprises:
the encryption control chip manages key data under encryption through a three-level key structure; the three levels comprise a first-level key, second-level keys and a third-level key, wherein the first-level key is the protection key, the second-level keys comprise one or more of a user key, a key encryption key, a backup key, a communication protection key encryption key, a communication protection key, a firmware protection key, a temporary key, a device key and a device external authentication key, and the third-level key is a session key.
3. The PCI-E interface cryptographic card design method according to claim 2, wherein in the three-level key structure the first-level key protects the second-level keys by encryption: when a second-level key is stored in the cryptographic card, it is first encrypted with the first-level key and then stored.
4. The PCI-E interface cryptographic card design method according to claim 1, wherein the role-based key access control comprises: performing permission management in the security chip, and synchronising the permission state through an encrypted channel between the encryption control chip and the security chip, so as to realise cooperative access control by the encryption control chip and the security chip.
5. A PCI-E interface cryptographic card obtained by the PCI-E interface cryptographic card design method, characterised by comprising:
an encryption control chip, configured to perform high-performance cryptographic operations based on the random numbers acquired by the physical noise source chip and to implement the functions of device management, key data management, key storage and access control;
a security chip, configured to encrypt, store and manage the permissions of the key data processed by the encryption control chip;
a physical noise source chip, configured to acquire random numbers;
a smart cryptographic key, configured to authenticate operators and administrators and to back up the key data processed by the encryption control chip.
6. The PCI-E interface cryptographic card according to claim 5, wherein the physical noise source chip specifically comprises a first physical noise source chip and a second physical noise source chip, which are respectively electrically connected to the encryption control chip.
7. The PCI-E interface cryptographic card according to claim 5, further comprising a power control chip electrically connected to the encryption control chip, configured to convert the PCI-E interface voltage and power the other modules of the card.
8. The PCI-E interface cryptographic card according to claim 7, wherein the physical noise source chip uses 2 RSP physical noise source chips T10 to implement 2 random sources that back each other up.
9. The PCI-E interface cryptographic card according to claim 5, wherein the PCI-E interface cryptographic card interfaces with a PC through a PCI-E X interface.
10. The PCI-E interface cryptographic card according to claim 5, further comprising a key destruction module, electrically connected to the encryption control chip and the security chip respectively through a key destruction interface, for key destruction and key initialisation operations.
11. The PCI-E interface cryptographic card according to claim 10, wherein the key destruction and key initialisation operations comprise:
with the card powered on, when the button is detected as pressed, the encryption control chip starts the self-destruction routine, destroys the temporary key, user key, password encryption key, session key, device external authentication key and private-key access control code hash value among the second-level keys in the card, and returns the device to its initial state.
12. The PCI-E interface cryptographic card according to claim 5, wherein the encryption control chip is electrically connected to a temperature sensor, and the temperature sensor is used to monitor the temperature of the encryption control chip;
the encryption control chip is electrically connected to indicator lights through an I/O interface; the indicator lights comprise a first status light, a second status light and a smart cryptographic key access light, wherein the first status light indicates whether the power supply is normal after the card is powered on, the second status light indicates whether the card has passed the power-on self-test, and the smart cryptographic key access light indicates whether a smart cryptographic key is connected to the card.
13. The PCI-E interface cryptographic card according to claim 5, wherein the encryption control chip is an RSP-S20 chip, the security chip is a Z32HUA chip, and the smart cryptographic key is a Utap smart cryptographic key.
CN202311813769.0A 2023-12-26 2023-12-26 PCI-E interface password card design method and PCI-E interface password card Active CN118153025B (en)


Publications (2)

Publication Number Publication Date
CN118153025A true CN118153025A (en) 2024-06-07
CN118153025B CN118153025B (en) 2025-01-07

Family

ID=91284261

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202311813769.0A Active CN118153025B (en) 2023-12-26 2023-12-26 PCI-E interface password card design method and PCI-E interface password card

Country Status (1)

Country Link
CN (1) CN118153025B (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN119544379A (en) * 2025-01-02 2025-02-28 江苏新质信息科技有限公司 A high-speed two-way authentication method and system

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20020077986A1 (en) * 2000-07-14 2002-06-20 Hiroshi Kobata Controlling and managing digital assets
US20140372743A1 (en) * 2013-06-12 2014-12-18 Lookout, Inc. Method and system for rendering a stolen mobile communications device inoperative
CN106529221A (en) * 2016-11-22 2017-03-22 北京中金国信科技有限公司 FPGA program copying prevention method and PCI-E password card
CN106534136A (en) * 2016-11-22 2017-03-22 北京中金国信科技有限公司 PCI-E password card
CN110765438A (en) * 2019-10-24 2020-02-07 江苏云涌电子科技股份有限公司 High-performance password card and working method thereof
CN116526587A (en) * 2023-06-16 2023-08-01 国网山东省电力公司泰安供电公司 Photovoltaic grid-connected configuration-free system and method

Also Published As

Publication number Publication date
CN118153025B (en) 2025-01-07

Similar Documents

Publication Publication Date Title
CN113014539B (en) Internet of things equipment safety protection system and method
US11036869B2 (en) Data security with a security module
US10275364B2 (en) Secure island computing system and method
US10211977B1 (en) Secure management of information using a security module
CN102624699B (en) Method and system for protecting data
CN111815816B (en) Electronic lock security system and key distribution method thereof
CN104320389B (en) A kind of fusion identity protection system and method based on cloud computing
CN110795126A (en) A firmware security upgrade system
US12067148B2 (en) Security processor configured to authenticate user and authorize user for user data and computing system including the same
CN109460639A (en) A kind of license authentication control method, device, terminal and storage medium
CN113014444A (en) Internet of things equipment production test system and safety protection method
CN107508791A (en) A kind of terminal identity verification method and system based on distributed key encryption
WO2021128989A1 (en) Authentication method and device
CN116707795A (en) Information protection method for secure access gateway and a secure access gateway
CN118153025B (en) PCI-E interface password card design method and PCI-E interface password card
CN110932853B (en) Key management device and key management method based on trusted module
TWI789291B (en) Module and method for authenticating data transfer between a storage device and a host device
CN118761107A (en) A security management method for solid state hard disk and solid state hard disk
CN118413369A (en) Signature program encryption method and device, signature program decryption method and device
CN204066120U (en) A kind of FPGA based on CPLD chip encrypts and parameter configuring system
CN202276360U (en) Trusted mobile storage system based on security chips
CN114173303B (en) Vehicle-ground session key generation method and system for CTCS-3 level train control system
CN104899480A (en) Software copyright protection and management method based on combined public key identity authentication technology
CN103647654B (en) A kind of power distribution terminal key management method based on trust computing
CN111343421B (en) Video sharing method and system based on white-box encryption

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant