CN112088376B - File storage method, device and storage medium - Google Patents
- Publication number: CN112088376B (application CN201880093094.8A)
- Authority: CN (China)
Classifications
- G—PHYSICS
- G06—COMPUTING OR CALCULATING; COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/78—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure storage of data
Abstract
A file storage method, a device and a storage medium, wherein the method comprises the steps of encrypting a first file in a trusted execution environment (TEE) to obtain a second file, performing a hash operation on the second file to obtain a first hash value, writing the first hash value into a secure partition in a memory and writing the second file into a common partition in the memory, wherein the secure partition is used for preventing files from being tampered with and/or rolled back, and the first hash value is used for checking whether the second file is legal when the second file is decrypted to obtain the first file. The security of the encryption and hash operation processes is ensured by performing them in the TEE. The second file and the first hash value are stored separately, which increases the difficulty of tampering with the second file. Because the first hash value corresponding to the second file is written into the secure partition while the second file is written into the common partition, the second file can be protected from tampering and/or rollback by a first hash value that occupies only a small amount of memory.
Description
Technical Field
The present application relates to the field of data security technologies, and in particular, to a method and apparatus for storing a file, and a storage medium.
Background
With the vigorous development of internet technology, the number of files to be stored in terminal devices keeps growing, and in particular important files increasingly need to be stored properly. The file storage method in the prior art generally comprises obtaining a file to be stored, generating a key, encrypting the file with the key to obtain an encrypted file, and writing the encrypted file into a memory. A file stored in this way has low security and is therefore easily tampered with.
To further increase the security of stored files, in particular of sensitive files (such as fingerprint information, keys, etc.), a current approach is to store these sensitive files in a secure partition of a non-volatile storage medium, such as the replay protected memory block (RPMB) partition of an embedded multimedia memory card (EMMC) or the RPMB partition of a universal flash storage (UFS) device.
However, the size of the secure partition in the non-volatile storage medium is limited and cannot support the secure storage of a large file, so the security of stored files is still low.
Disclosure of Invention
The embodiment of the application provides a file storage method, a file storage device and a storage medium, which are used for improving the security of stored files.
In a first aspect, an embodiment of the present application provides a file storage method, where the method includes encrypting a first file in a trusted execution environment (TEE) to obtain a second file, performing a hash operation on the second file to obtain a first hash value, writing the first hash value into a secure partition in a memory, and writing the second file into a normal partition in the memory, where the secure partition is used to prevent files from being tampered with and/or rolled back, and the first hash value is used to check whether the second file is legal when decrypting the second file to obtain the first file.
In the embodiment of the application, the encryption of the first file and the hash operation on the second file are executed in the TEE, which improves the security of both the encryption process and the hash operation process. Moreover, the first hash value corresponding to the second file is written into the secure partition of the memory, and the secure partition prevents files from being tampered with and/or rolled back, so the first hash value in the secure partition is itself protected from tampering and/or rollback. Since the first hash value is small relative to the data volume of the second file and occupies little memory, the second file can be protected from tampering and/or rollback by a first hash value that occupies only a small amount of memory.
In one possible implementation manner, in order to achieve partial update of the first file, the first file comprises M data blocks and the second file comprises M encrypted data blocks, where M is an integer greater than or equal to 2. Encrypting the first file to obtain the second file then means performing an encryption operation on the M data blocks to obtain the M encrypted data blocks, and performing the hash operation on the second file to obtain the first hash value means performing a hash operation on the M encrypted data blocks to obtain M second hash values and then performing a hash operation on the M second hash values to obtain the first hash value, where the M encrypted data blocks and the M second hash values are in one-to-one correspondence. On one hand, the data quantity of each encryption and hash operation is reduced, which improves the efficiency of encryption and hashing; on the other hand, the first hash value is obtained by hashing only the M second hash values, so the efficiency of calculating the first hash value is further improved.
In one possible implementation manner, in order to ensure the integrity of the data written into the secure partition and the validity of the terminal device writing the data into the secure partition, performing the hash operation on the M second hash values to obtain the first hash value includes performing a hash-based message authentication code (HMAC) operation on the M second hash values to obtain the first hash value.
In a possible implementation manner, the M second hash values may be written into the normal partition and the first hash value into the secure partition, so that, since the first hash value has a small data volume, the second file with its larger data volume can be protected from tampering and/or rollback by the small first hash value. Alternatively, both the M second hash values and the first hash value may be written into the secure partition. In this way, on the one hand, the security of the second file may be improved by storing the M encrypted data blocks separately from the M second hash values, and on the other hand, each encrypted data block may be individually protected from tampering and/or rollback by its own second hash value, i.e. the second file is protected from tampering and/or rollback by a more efficient operation.
In a possible implementation manner, since the processor reads one block of data at a time when reading the memory, in order to improve the efficiency with which the processor accesses the data, the M second hash values may be written into the normal partition, or into the secure partition, with a hash block as the storage unit, where one hash block includes at least one second hash value and the size of the hash block may be determined according to the granularity of the data accessed by the processor and the size of the second hash value.
Optionally, the size of the hash block is related to granularity of the processor accessing the data, and the hash value is written into the memory according to the hash block as a storage unit to realize memory alignment, so that the subsequent processor can also read according to the hash block when reading the data, thereby reducing the access times of the processor and further improving the data reading and writing efficiency of the processor.
In one possible implementation, the secure partition includes a replay protected memory block (RPMB) partition.
In one possible implementation manner, an update request is received, where the update request comprises a data block identifier and data to be updated, and the data block identifier indicates the encrypted data block to be updated in the common partition. The encrypted data block to be updated is obtained from the common partition according to the data block identifier, the second hash value corresponding to that encrypted data block is obtained, and if the encrypted data block to be updated is determined to be legal according to its second hash value, the encrypted data block is updated according to the data to be updated and its corresponding second hash value is updated. Thus, when only part of the data of the second file needs to be updated, a partial update of the encrypted data block can be performed, which improves the efficiency of updating the encrypted data block.
In one possible implementation manner, updating the encrypted data block to be updated according to the data to be updated may comprise decrypting the encrypted data block to be updated to obtain the data block to be updated, updating the data block to be updated with the data to be updated to obtain an updated data block, and encrypting the updated data block to obtain an updated encrypted data block; updating the corresponding second hash value comprises performing a hash operation on the updated encrypted data block to obtain a third hash value and replacing the second hash value corresponding to the encrypted data block to be updated with the third hash value. Therefore, the whole second file does not need to be decrypted and re-encrypted, and the hash value of the whole updated second file does not need to be recalculated, which reduces the overhead of whole-file encryption, decryption and hash operations.
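As an added example (not code from the patent), the block-wise scheme of the first aspect in Python: M data blocks are encrypted and hashed to M second hash values, an HMAC over those yields the first hash value kept in the secure partition, and a partial update re-hashes only the changed block before re-deriving the first hash value; tampering with a block and rolling the normal partition back to its pre-update image are both caught against the value held in RPMB. It assumes SHA-256 for the second hash values, HMAC-SHA256 for the first hash value, a stand-in stream cipher (HMAC in counter mode, since the standard library has no AES), dicts standing in for the normal and RPMB partitions, and a plaintext length included in the MAC (an addition of this example so the zero padding can be stripped); the update path also checks the first hash value, because second hash values kept in the normal partition are only trustworthy through it.

```python
import copy
import hashlib
import hmac
import os

BLOCK_SIZE = 16         # data block size: a multiple of the 4-byte processor access granularity
ENC_KEY = b"\x01" * 32  # constructed demo key; a real TEE keeps it inside the trusted OS
MAC_KEY = b"\x02" * 32  # constructed demo key for the HMAC that yields the first hash value
NONCE_LEN = 16


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Stand-in stream cipher: HMAC-SHA256 in counter mode. The standard library has no
    AES; the scheme only requires some symmetric cipher executed inside the TEE."""
    out = b""
    for counter in range((length + 31) // 32):
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
    return out[:length]


def encrypt_block(plain: bytes) -> bytes:
    nonce = os.urandom(NONCE_LEN)  # fresh nonce per encryption: an updated block never reuses keystream
    ks = _keystream(ENC_KEY, nonce, len(plain))
    return nonce + bytes(p ^ k for p, k in zip(plain, ks))


def decrypt_block(enc: bytes) -> bytes:
    nonce, body = enc[:NONCE_LEN], enc[NONCE_LEN:]
    return bytes(c ^ k for c, k in zip(body, _keystream(ENC_KEY, nonce, len(body))))


def second_hash(enc_block: bytes) -> bytes:
    """One second hash value per encrypted data block (unkeyed SHA-256)."""
    return hashlib.sha256(enc_block).digest()


def first_hash(second_hashes: list, length: int) -> bytes:
    """First hash value: HMAC over the M second hash values. The plaintext length is an
    addition of this example so that the zero padding of the last block can be stripped."""
    msg = length.to_bytes(8, "big") + b"".join(second_hashes)
    return hmac.new(MAC_KEY, msg, hashlib.sha256).digest()


def store_file(plain: bytes):
    """Split into M data blocks, encrypt and hash; return (normal partition, secure partition)."""
    padded = plain + b"\x00" * (-len(plain) % BLOCK_SIZE)          # zero-pad the last block
    blocks = [padded[i:i + BLOCK_SIZE] for i in range(0, len(padded), BLOCK_SIZE)]
    enc_blocks = [encrypt_block(b) for b in blocks]
    hashes = [second_hash(e) for e in enc_blocks]
    normal = {"blocks": enc_blocks, "hashes": hashes, "length": len(plain)}
    rpmb = {"root": first_hash(hashes, len(plain))}                 # only 32 bytes go to RPMB
    return normal, rpmb


def verify(normal: dict, rpmb: dict) -> bool:
    """Recompute each second hash from the ciphertext actually present, then the first hash,
    and compare with the copy that the secure partition protects from tampering and rollback."""
    recomputed = [second_hash(e) for e in normal["blocks"]]
    if recomputed != normal["hashes"]:
        return False
    return hmac.compare_digest(first_hash(recomputed, normal["length"]), rpmb["root"])


def read_file(normal: dict, rpmb: dict) -> bytes:
    if not verify(normal, rpmb):
        raise ValueError("second file is not legal: mismatch with first hash value in RPMB")
    return b"".join(decrypt_block(e) for e in normal["blocks"])[:normal["length"]]


def update_block(normal: dict, rpmb: dict, index: int, new_data: bytes) -> None:
    """Partial update for one update request (data block identifier + data to be updated)."""
    enc = normal["blocks"][index]
    # Legal only if the block matches its second hash AND the stored second hashes match the
    # RPMB root; the second check is what makes second hashes in the normal partition trustworthy.
    if not hmac.compare_digest(second_hash(enc), normal["hashes"][index]):
        raise ValueError("encrypted data block to be updated is not legal")
    if not hmac.compare_digest(first_hash(normal["hashes"], normal["length"]), rpmb["root"]):
        raise ValueError("second hash values do not match the first hash value in RPMB")
    plain = decrypt_block(enc)
    updated = (new_data + plain[len(new_data):])[:BLOCK_SIZE]       # overlay new data on the block
    new_enc = encrypt_block(updated)
    normal["blocks"][index] = new_enc
    normal["hashes"][index] = second_hash(new_enc)                  # the "third hash value"
    rpmb["root"] = first_hash(normal["hashes"], normal["length"])   # re-derived from M hashes only


def demo() -> dict:
    """Constructed walk-through: clean read, partial update, tampering, rollback."""
    normal, rpmb = store_file(b"constructed fingerprint template 0123456789ABCDEF")
    out = {"clean": verify(normal, rpmb)}
    before = copy.deepcopy(normal)                      # old normal-partition image kept for rollback
    update_block(normal, rpmb, 1, b"UPDATED")
    out["updated"] = read_file(normal, rpmb)[16:23] == b"UPDATED"
    tampered = copy.deepcopy(normal)                    # block 0 overwritten and its unkeyed hash fixed up
    tampered["blocks"][0] = os.urandom(len(normal["blocks"][0]))
    tampered["hashes"][0] = second_hash(tampered["blocks"][0])
    out["tamper_detected"] = not verify(tampered, rpmb)
    out["rollback_detected"] = not verify(before, rpmb) # old blocks + old hashes vs the new root
    return out
```

Because the second hashes are unkeyed, an attacker controlling the normal partition can always make a block agree with its own hash; the detection comes solely from the keyed first hash value that only RPMB holds, which is why that value, not the per-block hashes, is what the secure partition must protect.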
In a second aspect, the embodiment of the application provides a file storage device comprising a processor and a memory, wherein the processor is used for encrypting a first file in a trusted execution environment (TEE) to obtain a second file and performing a hash operation on the second file to obtain a first hash value; the processor is also used for writing the first hash value into a secure partition in the memory and writing the second file into a common partition in the memory; the secure partition is used for preventing files from being tampered with and/or rolled back; and the first hash value is used for checking whether the second file is legal when the second file is decrypted to obtain the first file.
In one possible implementation manner, the first file includes M data blocks, the second file includes M encrypted data blocks, where M is an integer greater than or equal to 2, the processor is specifically configured to perform encryption operation on the M data blocks to obtain the M encrypted data blocks, perform hash operation on the M encrypted data blocks to obtain M second hash values, and perform hash operation on the M second hash values to obtain the first hash value, where the M encrypted data blocks and the M second hash values are in one-to-one correspondence.
In a possible implementation manner, the processor is specifically configured to perform an HMAC operation on the M second hash values to obtain the first hash value.
In one possible implementation, the processor is further configured to write the M second hash values to the normal partition, or write the M second hash values to the secure partition.
In a possible implementation manner, the processor is specifically configured to write the M second hash values into the normal partition, or into the secure partition, with a hash block as the storage unit, where one hash block includes at least one second hash value, and the size of the hash block is determined according to the granularity of the processor's read/write data and the size of the second hash value.
In one possible implementation, the secure partition includes a replay protected memory block (RPMB) partition.
In one possible implementation manner, the device further comprises an interface, wherein the interface is used for receiving an update request, the update request comprises a data block identifier and data to be updated, the data block identifier is used for indicating an encrypted data block to be updated in the common partition, the processor is further used for acquiring the encrypted data block to be updated from the common partition according to the data block identifier, acquiring a second hash value corresponding to the encrypted data block to be updated, and updating the encrypted data block to be updated according to the data to be updated if the encrypted data block to be updated is determined to be legal according to the second hash value corresponding to the encrypted data block to be updated.
In one possible implementation manner, the processor is specifically configured to decrypt the encrypted data block to be updated to obtain a data block to be updated, update the data block to be updated with the data to be updated to obtain an updated data block, encrypt the updated data block to obtain an updated encrypted data block, perform hash operation on the updated encrypted data block to obtain a third hash value, and update a second hash value corresponding to the encrypted data block to be updated to the third hash value.
In a third aspect, an embodiment of the present application provides a file storage device, including an encryption unit, a processing unit, a secure partition, and a normal partition, where the encryption unit is configured to encrypt a first file in a trusted execution environment to obtain a second file, and perform a hash operation on the second file to obtain a first hash value, the processing unit is configured to write the first hash value into the secure partition in a memory, and write the second file into the normal partition in the memory, the secure partition is configured to prevent the file from being tampered and/or prevent the file from rolling back, and the first hash value is configured to check whether the second file is legal when the second file is obtained from a storage area other than the secure partition.
In one possible design, the first file includes M data blocks, the second file includes M encrypted data blocks, where M is an integer greater than or equal to 2, the encryption unit is specifically configured to perform encryption operation on the M data blocks to obtain M encrypted data blocks, perform hash operation on the M encrypted data blocks to obtain M second hash values, and perform hash operation on the M second hash values to obtain the first hash value, where the M encrypted data blocks and the M second hash values are in one-to-one correspondence.
In one possible design, the encryption unit is specifically configured to perform a hash message authentication code HMAC operation on the M second hash values to obtain the first hash value.
In one possible design, the processing unit is further configured to write the M second hash values to a normal partition, or write the M second hash values to a secure partition.
In one possible design, the processing unit is specifically configured to write the M second hash values into the common partition, or into the secure partition, with a hash block as the storage unit, where one hash block includes at least one hash value of an encrypted data block, and the size of the hash block is determined according to the granularity of the data accessed by the processor and the size of the second hash value.
In one possible design, the secure partition includes a replay protected memory block (RPMB) partition.
In one possible design, the device further comprises a transceiver unit, wherein the transceiver unit is used for receiving an update request, the update request comprises a data block identifier and data to be updated, the data block identifier is used for indicating an encrypted data block to be updated in the common partition, the processing unit is further used for acquiring the encrypted data block to be updated from the common partition according to the data block identifier, acquiring a second hash value corresponding to the encrypted data block to be updated, and updating the encrypted data block to be updated according to the data to be updated if the encrypted data block to be updated is determined to be legal according to the second hash value corresponding to the encrypted data block to be updated.
In one possible design, the processing unit is specifically configured to decrypt the encrypted data block to be updated to obtain a data block to be updated, update the data block to be updated with the data to be updated to obtain an updated data block, encrypt the updated data block to obtain an updated encrypted data block, perform a hash operation on the updated encrypted data block to obtain a third hash value, and update a second hash value corresponding to the encrypted data block to be updated to the third hash value.
In a fourth aspect, embodiments of the present application provide a computer storage medium having instructions stored therein which, when run on a computer, cause the computer to perform the method of the first aspect or any of the possible implementations of the first aspect.
In a fifth aspect, embodiments of the application provide a computer program product comprising instructions which, when run on a computer, cause the computer to perform the method of the first aspect or any of the possible implementations of the first aspect.
Drawings
Fig. 1 is a schematic diagram of a software framework of a trusted environment of a terminal device according to an embodiment of the present application;
Fig. 2 is a schematic diagram of a terminal device software and hardware architecture according to an embodiment of the present application;
FIG. 3 is a schematic flow chart of a file storage method according to an embodiment of the present application;
FIG. 4 is a flowchart illustrating another method for storing files according to an embodiment of the present application;
FIG. 4a is a schematic diagram of an architecture for storing a first file according to an embodiment of the present application;
Fig. 5 is a schematic flow chart of a method for reading data from an RPMB partition of a UFS according to an embodiment of the present application;
Fig. 6 is a schematic flow chart of a method for writing data to an RPMB partition of a UFS according to an embodiment of the present application;
Fig. 7 is a schematic diagram of a data structure of an RPMB partition according to an embodiment of the present disclosure;
FIG. 8 is a schematic diagram of a file storage device according to an embodiment of the present application;
Fig. 9 is a schematic structural diagram of a file storage device according to an embodiment of the present application.
Detailed Description
The terms first, second and the like in the description and in the claims and in the above-described figures are used for distinguishing between similar elements and not necessarily for describing a particular sequential or chronological order. Furthermore, the terms "comprise" and "have," as well as any variations thereof, are intended to cover a non-exclusive inclusion, such as a series of steps or elements. The method, system, article, or apparatus is not necessarily limited to those explicitly listed but may include other steps or elements not explicitly listed or inherent to such process, method, article, or apparatus.
It should be understood that in the present application, "at least one (item)" means one or more, and "a plurality" means two or more. "And/or" describes an association relationship between associated objects and indicates that three relationships may exist; for example, "A and/or B" may indicate that only A exists, only B exists, or both A and B exist simultaneously, where A and B may be singular or plural. The character "/" generally indicates that the associated objects are in an "or" relationship. "At least one of" or the like means any combination of these items, including any combination of single items or plural items. For example, at least one of a, b or c may represent a, b, c, "a and b", "a and c", "b and c", or "a and b and c", wherein a, b, c may be single or plural.
The realization of various functions of the terminal device depends on the trusted environment in the terminal device. By combining hardware and software, the trusted environment of the terminal device is physically isolated into two concurrent execution environments, namely a normal, non-secure execution environment and a secure execution environment. The normal non-secure execution environment may be referred to as a rich execution environment (REE), and the secure execution environment may be referred to as a trusted execution environment (TEE). In the embodiment of the application, the TEE concept defined by GlobalPlatform (GP), a standards organization for the security of smart cards and terminal devices, is taken as an example; the terminal devices can be smart phones, smart televisions, tablet computers, set-top boxes, network video players and the like. Fig. 1 is a schematic diagram of a software framework of a trusted environment of a terminal device according to an embodiment of the present application. As shown in Fig. 1, the software framework of the trusted environment of the terminal device includes an REE software architecture and a TEE software architecture.
The REE is typically the running environment of the terminal device operating system, such as Android or Apple's iOS (iPhone operating system). The REE software architecture includes client applications, TEE functional application programming interfaces (APIs), TEE client APIs, and a common operating system, among others. A client application may be one provided to a user, an operator's client application, or a third-party client application such as WeChat or Alipay. The client application may have files that need to be securely stored. The TEE functional API may provide a set of interfaces for client applications to access TEE security services (such as storage and encryption algorithms). The TEE client API may provide a communication interface for client applications running in the REE to access trusted applications (TAs) in the TEE and to exchange data with the TA. The common operating system comprises a common device driver module, an REE communication proxy module and the like. The common device driver module can provide an interface between the hardware device and the common operating system, informing the common operating system of the functions of the hardware device and converting the instructions of the common operating system into commands which the hardware device can recognize. The REE communication agent may be used for messaging between the client application and the TA.
The TEE provides a relatively secure, closed execution environment that ensures that various sensitive files are stored and protected in a trusted environment. The TEE software architecture includes TAs, TEE internal APIs, and a trusted operating system. A TA runs in the TEE and may provide security services (such as secure storage and encryption) to its users; communication between TAs may go through the TEE internal API. The TEE internal API defines a set of development interfaces for TAs running within the TEE, and in particular may provide scheduling, communication and memory management interfaces, as well as APIs for secure storage, cryptographic services, encryption, and the like. The trusted operating system comprises a TEE communication proxy module, a trusted core framework module, a trusted function module and the like. The TEE communication agent and the REE communication agent together enable secure transfer of messages between the client application and the TA. The trusted core framework provides trusted operating system functionality to the TA. The trusted function module may provide auxiliary facility support to application developers.
Fig. 2 is a schematic diagram illustrating an architecture of terminal device software and hardware according to an embodiment of the present application. As shown in fig. 2, the terminal device includes a software and hardware architecture of the REE, and a software and hardware architecture of the TEE.
The software and hardware architecture of the REE comprises REE hardware, REE hardware driver modules, a common operating system, a TEE client API, client applications and the like. The REE hardware includes input/output interfaces, memory, and a central processing unit (CPU), among other devices. The REE hardware driver provides the hardware device drivers of the normal execution environment under the common operating system, such as the driver of an EMMC. When the common operating system needs to use a hardware device, for example to write a file to the EMMC, it first sends the corresponding instruction to the EMMC driver; after receiving the instruction, the EMMC driver translates it into an electronic signal command that the EMMC can recognize, so that the file is written to the EMMC. The common operating system includes the REE communication agent and the REE applications running under it, such as an REE client application accessing a TA in the TEE. The TEE client API may provide an interface for client applications to access the TA, and may adopt the GP client standard interface.
The software and hardware architecture of the TEE includes secure hardware, secure hardware drivers, trusted operating systems, TEE internal core APIs, and TAs, among others. The secure hardware includes devices such as secure input/output interfaces, secure processors, secure memory, and trusted devices. In one possible implementation, the secure input/output interface in the secure hardware may be a secure mode of the input/output interface of the REE or may be an input/output interface isolated from the input/output interface of the REE, the secure processor may be a secure mode of the CPU in the REE or may be a processor isolated from the CPU, and the secure memory may be a partition of the memory in the REE or may be a secure mode of the memory of the REE. The secure hardware driver may provide a driver for the secure hardware device, such as a fingerprint device driver for reading fingerprint information of a fingerprint acquisition device (trusted device), the fingerprint information being a file to be stored, an EMMC driver for reading a file in the EMMC or writing a file to the EMMC, etc. The trusted operating system may provide trusted operating system functions such as storage, encryption (e.g., hash, encryption operations), and core security function modules such as TEE communication agents. The processing module may provide a unified secure data storage service and an API in a TEE environment. The encryption module can provide security services such as encryption and decryption, private key signature, hash operation and the like in the TEE environment.
Based on the foregoing, fig. 3 illustrates a flowchart of a file storage method according to an embodiment of the present application. The file storage method is executed in the TEE of fig. 1 or fig. 2, and the security of the storage process can be improved by executing the file storage method in the TEE. As shown in fig. 3, the method includes:
Step S301, encrypt the first file to obtain a second file, and hash the second file to obtain a first hash value.
In one possible implementation manner, the first file is a file to be stored and may be, for example, text or a picture. The encryption mode of the first file can be symmetric key encryption, asymmetric key encryption or hardware encryption; encrypting with a symmetric key gives a higher encryption speed. Alternatively, encrypting the first file and hashing the second file may be performed by the encryption module in the trusted operating system in the TEE of Fig. 2 described above.
Step S302, write the first hash value into a secure partition in a memory, and write the second file into a common partition in the memory.
The first hash value is used for checking whether the second file is legal or not when the first file is obtained by decrypting the second file.
In a possible implementation manner, the common partition of the memory may be a storage area other than the secure partition, the second file is obtained from the common partition in the memory, the same hash operation is performed on the obtained second file to obtain a hash value, and if it is determined that the calculated hash value is the same as the first hash value obtained from the secure partition, it is indicated that the obtained second file is legal.
In the embodiment of the present application, as can be seen from steps S301 and S302 above, the encryption of the first file and the hash operation on the second file are performed in the TEE, which improves the security of the encryption process and the hash operation process. Moreover, the second file can only be tampered with undetected if both the second file and its first hash value are tampered with; the embodiment of the application writes the second file into the common partition of the memory and the first hash value into the secure partition, i.e. the second file and its corresponding first hash value are stored separately, and this separate storage increases the difficulty of tampering with the second file and helps to improve its security.
Further, the first hash value corresponding to the second file is written into the secure partition of the memory, and the secure partition is used for preventing files from being tampered with and/or rolled back, so the first hash value in the secure partition is itself protected from tampering and/or rollback. Since the first hash value occupies far less memory than the second file, the second file can be protected from tampering and/or rollback by a first hash value occupying only a small amount of memory.
In step S301, in order to improve the update efficiency of the second file, a possible implementation manner is to update the portion of the second file that needs to be updated. Fig. 4 is a schematic flow chart illustrating another file storage method according to an embodiment of the present application, where partial update of a stored file may be implemented by using the file storage method shown in fig. 4, so that update efficiency of the file may be improved. As shown in fig. 4, the file storage method includes:
In step S401, the first file is divided into M data blocks, wherein M is an integer greater than or equal to 2.
In one possible implementation, the size of the data block may be determined according to the granularity at which the processor accesses data. The processor treats memory in blocks whose size may be 2, 4, 8 or 16 bytes and reads one block per memory access; the size of that block is referred to as the processor's data storage granularity. For example, a 32-bit processor accesses memory in units of 32 bits, i.e. 4 bytes per read or write; given 16 bytes of memory at addresses 0x0-0xF, the processor treats them not as 16 single bytes but as 4 blocks of 4 bytes each. In this case the processor accesses data in 4-byte units, and the size of the data block may be determined to be a positive integer multiple of 4 bytes. When the encrypted data blocks are stored, memory alignment is achieved, so that the processor can read one data block per access, reducing the number of accesses and improving data reading efficiency. Optionally, after the first file is divided into data blocks, the remaining data of the first file may be smaller than one data block (for example, fewer than 4 bytes) and is padded with 0 to form a complete data block. Correspondingly, when a data block formed by 0-padding is decrypted, the padding 0s are removed.
And step S402, respectively carrying out encryption operation on the M data blocks to obtain M encrypted data blocks, wherein the second file comprises the M encrypted data blocks.
In an alternative embodiment, the M data blocks may be encrypted with a symmetric key, an asymmetric key, or hardware encryption. Optionally, the M data blocks may be encrypted with the same key or with different keys. Using the same key for all M data blocks increases encryption efficiency and means only one key needs to be stored, reducing the number of stored keys. Using different keys for different data blocks enhances the security of the stored first file. Alternatively, the encryption keys may be stored in the secure partition of the memory to increase their security.
Step S403, performing hash operation on the M encrypted data blocks to obtain M second hash values, and performing hash operation on the M second hash values to obtain a first hash value.
The M encrypted data blocks are in one-to-one correspondence with the M second hash values. On the one hand, each hash operation takes one encrypted data block as input, and the data quantity of one encrypted data block is smaller than that of the whole second file, so the calculation efficiency of the second hash values can be improved; on the other hand, after the M second hash values are obtained, the hash operation taking the M second hash values as input yields the first hash value of the second file, and since the data quantity of the M second hash values is smaller than that of the M encrypted data blocks, the calculation efficiency of the first hash value can be further improved.
In a possible implementation manner, the first hash value is obtained by performing a hash operation on the M second hash values; specifically, it may be obtained by performing a hash message authentication code (HMAC) operation on the M second hash values. HMAC is a key-based hash algorithm: a hash function, a key and a message are used to generate a fixed-length value as an authentication identifier, which is then used to authenticate the integrity of the message. Specifically, the key shared with the receiving end and the message are taken as the input of the HMAC operation to generate a message digest (a value of fixed length) as output; the message digest and the message are transmitted together to the receiving end, and the receiving end uses the key shared with the transmitting end to verify the legality of the transmitting end and the integrity of the message. The shared key is agreed in advance between the two parties. Hash functions include, but are not limited to, message digest algorithm 5 (MD5) and the secure hash algorithms (SHA), such as SHA-1 and SHA-2 (SHA-256, SHA-384 and SHA-512).
In connection with fig. 2, steps S402 and S403 above may be performed in the encryption module in the trusted operating system of the TEE. In the embodiment of the application, the shared key may be stored in the secure partition of the memory, isolated from the REE, so that the REE cannot obtain it and the security of the shared key is improved.
In step S404, the second file and the M second hash values are written into the normal partition, and the first hash value is written into the secure partition. That is, only the first hash value is written to the secure partition. The first hash value is small in data quantity, and storing this small value in the secure partition is sufficient to prevent the second file from being tampered with and/or rolled back. Moreover, the second file, which is large in data volume, is stored in the common partition of the memory, while the whole second file is protected from tampering and/or rollback by the small first hash value in the secure partition.
In step S405, the second file is written into the normal partition, and the M second hash values and the first hash value are written into the secure partition. By writing the M second hash values into the secure partition, the M encrypted data blocks and the M second hash values are stored separately, and the security of the M encrypted data blocks is improved. Further, preventing each encrypted data block from being tampered with and/or rolled back may be accomplished by each of the M second hash values in the secure partition.
In one possible implementation, the M second hash values are written to the normal partition with the hash block as the storage unit, or written to the secure partition with the hash block as the storage unit. The size of the hash block is determined according to the processor's data access granularity and the size of the second hash value. For example, if the processor's data access granularity is 4 bytes, the hash block size may be determined to be a positive integer multiple of 4 bytes. If the hash block is determined to be 4 bytes in size and the hash value of the encrypted data block is calculated with SHA-256 to be 256 bits in size, 128 second hash values are included in one hash block. If the hash block is determined to be 4 bytes in size and the hash value of the encrypted data block is calculated with SHA-512, the resulting second hash value is 512 bits in size and 64 second hash values are included in one hash block. Writing the M second hash values to the secure partition or the common partition of the memory with the hash block as the storage unit therefore improves the processor's data access efficiency.
There is no ordering between step S404 and step S405; either step S404 or step S405 is executed after step S403. That is, after step S403, if step S404 is executed, step S405 is not executed, and if step S405 is executed, step S404 is not executed.
To facilitate understanding of the solution, the present application is illustrated by the following example. Fig. 4a is an exemplary schematic diagram of an architecture for storing a first file according to an embodiment of the present application. As shown in fig. 4a, the first file includes M data blocks, and the size of each data block may be determined according to the granularity at which the processor accesses data; in the embodiment of the present application, a 32-bit processor is taken as an example, and the size of each data block is assumed to be 4 bytes. The M data blocks are encrypted respectively to obtain M encrypted data blocks, which form the second file. A hash operation is performed on each of the M encrypted data blocks to obtain M second hash values, and an HMAC operation is performed on the M second hash values to obtain the first hash value. If the hash operation uses SHA-256, the size of a second hash value is 256 bits and the size of 128 second hash values is 4K, so one hash block comprises 128 second hash values, the size of the hash block is 4 bytes, and the M second hash values are written into the secure partition or the common partition with the hash block as the storage unit.
In the embodiment of the application, in order to further facilitate storing the M second hash values by taking the hash blocks as the storage units, the M data blocks may be grouped according to the hash operation when the second hash values are calculated and the granularity of the data accessed by the processor. For example, if SHA-256 is adopted in the hash operation for calculating the second hash value, the size of the second hash value is 256 bits, and if the granularity of the access data of the processor is 4 bytes, 128 second hash values are required to form a hash block, and one second hash value corresponds to one encrypted data block, so that 128 data blocks can be divided into one data set. That is, one data set corresponds to 128 second hash values, one hash block is formed, and M second hash values are stored with the hash block as a storage unit.
The embodiment of the application provides an alternative implementation of updating part of the first file after the first file has been stored according to the storage method of steps S401 to S402. The method comprises: receiving an update request, where the update request comprises a data block identifier and data to be updated, and the data block identifier indicates the encrypted data block to be updated in the common partition; acquiring the encrypted data block to be updated from the common partition according to the data block identifier; acquiring the second hash value corresponding to the encrypted data block to be updated; and, if the encrypted data block to be updated is determined to be legal according to its corresponding second hash value, updating the encrypted data block to be updated according to the data to be updated.
In a possible implementation manner, after the second hash value corresponding to the encrypted data block to be updated and the encrypted data block to be updated is obtained, the obtained encrypted data block to be updated is hashed by using the same hash operation, and if the calculated hash value is the same as the obtained second hash value corresponding to the encrypted data block to be updated, the encrypted data block to be updated is determined to be legal.
In a possible implementation manner, after verifying that the encrypted data block to be updated is legal, the encrypted data block to be updated is decrypted to obtain the data block to be updated, the data block to be updated is updated with the data to be updated to obtain an updated data block, the updated data block is encrypted to obtain an updated encrypted data block, a hash operation is performed on the updated encrypted data block to obtain a third hash value, and the second hash value corresponding to the encrypted data block to be updated is replaced by the third hash value. Therefore, it is not necessary to decrypt and re-encrypt the whole second file and then calculate the hash value of the whole updated second file, which reduces the overhead of whole-file encryption, decryption and hash operations.
In one possible implementation manner, after updating the second hash value corresponding to the encrypted data block to be updated with the third hash value, performing a hash operation on the (M-1) second hash values and the third hash value to obtain a new hash value corresponding to the second file, and updating the first hash value with the new hash value.
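The block-wise storage of steps S401 to S405 and the partial-update path of the preceding paragraphs, as an added Python example that is not part of the patent text. The assumptions are mine: the cipher is a stand-in HMAC-SHA256 keystream XOR (a real implementation would use a block cipher such as AES with a per-write IV or tweak), the block size follows the 4-byte example in the text, the original file length is kept beside the ciphertext so the 0 padding can be stripped exactly, and the two partitions are modelled as dictionaries. The root check performed in `update_block` before trusting the stored hash list is a defensive addition, not a step in the text.

```python
import hashlib
import hmac

BLOCK_SIZE = 4  # data block size = processor access granularity (4 bytes in the 32-bit example)


def _keystream(key: bytes, index: int, length: int) -> bytes:
    # Stand-in cipher (assumption, not the patent's): per-block keystream from
    # HMAC-SHA256(key, block index). Re-encrypting the same index with the same
    # key reuses the keystream; a real cipher needs a fresh IV/tweak per write.
    return hmac.new(key, index.to_bytes(4, "big"), hashlib.sha256).digest()[:length]


def encrypt_block(key: bytes, index: int, block: bytes) -> bytes:
    return bytes(a ^ b for a, b in zip(block, _keystream(key, index, len(block))))


decrypt_block = encrypt_block  # XOR stream: the same operation undoes itself


def split_blocks(data: bytes) -> list:
    """Step S401: split into BLOCK_SIZE blocks, zero-padding the last one."""
    padded = data + b"\x00" * (-len(data) % BLOCK_SIZE)
    return [padded[i:i + BLOCK_SIZE] for i in range(0, len(padded), BLOCK_SIZE)]


def root_hash(mac_key: bytes, second_hashes: list) -> bytes:
    """Step S403, second half: HMAC over the concatenated per-block hashes."""
    return hmac.new(mac_key, b"".join(second_hashes), hashlib.sha256).digest()


def store(first_file: bytes, enc_key: bytes, mac_key: bytes) -> dict:
    """Steps S401-S404: encrypt each block, hash each ciphertext block, derive the
    first hash value; ciphertext and per-block hashes go to the common partition,
    only the 32-byte root goes to the secure partition."""
    enc_blocks = [encrypt_block(enc_key, i, b) for i, b in enumerate(split_blocks(first_file))]
    second_hashes = [hashlib.sha256(eb).digest() for eb in enc_blocks]
    return {
        "common": {"blocks": enc_blocks, "second_hashes": second_hashes,
                   "length": len(first_file)},  # original length: strips padding exactly
        "secure": {"first_hash": root_hash(mac_key, second_hashes)},
    }


def verify_root(stored: dict, mac_key: bytes) -> bool:
    """Check the hash list held in the common partition against the secure root.
    Restoring an old (block, hash) pair or editing the hash list fails here."""
    expected = root_hash(mac_key, stored["common"]["second_hashes"])
    return hmac.compare_digest(expected, stored["secure"]["first_hash"])


def _check_block(common: dict, index: int) -> bytes:
    enc_block = common["blocks"][index]
    if not hmac.compare_digest(hashlib.sha256(enc_block).digest(), common["second_hashes"][index]):
        raise ValueError(f"block {index}: second hash mismatch")
    return enc_block


def read_file(stored: dict, enc_key: bytes, mac_key: bytes) -> bytes:
    """Full read (the check of step S302): root first, then every block."""
    if not verify_root(stored, mac_key):
        raise ValueError("first hash mismatch: file tampered with or rolled back")
    common = stored["common"]
    plain = b"".join(decrypt_block(enc_key, i, _check_block(common, i))
                     for i in range(len(common["blocks"])))
    return plain[:common["length"]]  # remove the 0 padding added in split_blocks


def update_block(stored: dict, index: int, new_data: bytes, enc_key: bytes, mac_key: bytes) -> bytes:
    """Partial update: only the addressed block is verified, decrypted, rewritten,
    re-encrypted and re-hashed (third hash value); the first hash value is rebuilt
    from the other M-1 second hashes plus the new one. Returns the new root."""
    if len(new_data) > BLOCK_SIZE:
        raise ValueError("update data must fit in one data block")
    if not verify_root(stored, mac_key):  # trust the stored hash list only when the root matches
        raise ValueError("first hash mismatch: file tampered with or rolled back")
    common = stored["common"]
    plain = bytearray(decrypt_block(enc_key, index, _check_block(common, index)))
    plain[:len(new_data)] = new_data
    new_enc = encrypt_block(enc_key, index, bytes(plain))
    common["blocks"][index] = new_enc
    common["second_hashes"][index] = hashlib.sha256(new_enc).digest()  # third hash value
    stored["secure"]["first_hash"] = root_hash(mac_key, common["second_hashes"])
    return stored["secure"]["first_hash"]
```

Two points the text leaves implicit are made explicit here: when the second hash values live in the common partition (step S404), the per-block check alone cannot detect an attacker who replaces a block together with its hash, so the root must be verified first; and a rollback (an old block restored together with its old hash) is caught only by the root held in the secure partition.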
In the embodiment of the application, the secure partition comprises an RPMB partition or other secure partition based on the RPMB partition technology. The RPMB partition may be a partition with security features in EMMC, or may be a partition with security features in universal flash storage (universal flash storage, UFS). RPMB partition or other secure partition based on RPMB partition technology has the property of preventing files written to the secure partition from being illegally tampered with and/or rolled back, so in practical applications, some important files are typically written in the secure partition, such as fingerprint files, key files, serial numbers, digital rights management files, and the like.
The present embodiments provide an alternative implementation of writing the first hash value to the RPMB partition of a UFS. In this embodiment, when the terminal device writes data to the RPMB partition of the UFS, the UFS checks the legality of the terminal device, and only a specific terminal device can write data. Moreover, when the terminal device reads data from the RPMB partition of the UFS, a checking mechanism is also provided, which ensures that the data read by the terminal device is the data on the RPMB partition and not data forged by an attacker. Fig. 5 is a schematic flow chart of a method for reading data from an RPMB partition of a UFS according to an embodiment of the present application. This embodiment is described with reference to reading the count value in the RPMB partition of the UFS. As shown in fig. 5, the method includes:
In step S501, the terminal device sends a request for reading the count value in the RPMB partition to the UFS.
The request for reading the count value in the RPMB partition further comprises a first random number, which is randomly generated by the terminal device.
In step S502, the UFS reads a first count value from the RPMB partition according to the request for reading the count value in the RPMB partition, where the first count value is the current count value in the RPMB partition.
In one possible implementation, the UFS maintains a count value that is initialized to zero, is incremented by one every time data is successfully written to the RPMB partition, and cannot be reset.
In step S503, the UFS uses the shared key, the first random number, and the first count value as inputs of the HMAC operation, and generates a first message authentication code (Message Authentication Code, MAC).
Optionally, the shared key is agreed in advance between the legal terminal device and the UFS and is burnt into the RPMB partition of the UFS when the UFS leaves the factory. The MAC is in essence a hash value, and one property of the hash operation is that changing even a single bit of the input yields a completely different hash value. If a malicious attacker tampers with the data in transit, the message authentication code the UFS generates from the received data and the shared key differs from the received message authentication code, authentication fails, and the data is not written into the UFS.
Step S504, the UFS sends the first MAC, the received first random number, and the read first count value to the terminal device.
In step S505, after receiving the first MAC, the first random number, and the first count value sent by the UFS, the terminal device determines whether the received first random number is consistent with the first random number included in the request for reading the count value in the RPMB partition in step S501, if so, executes step S506, and if not, executes step S509.
In step S506, the terminal device uses the locally stored shared key, the first random number and the received first count value as inputs of HMAC operation, and generates a second MAC.
Step S507, the terminal equipment determines whether the second MAC and the first MAC are the same, if so, step S508 is executed, and if not, step S509 is executed.
In step S508, the terminal device determines that the read first count value is the first count value in the RPMB partition of the UFS.
In step S509, the terminal device discards the read data.
Through steps S501 to S509, the terminal device's read of the first count value in the RPMB partition of the UFS is authenticated: the UFS computes the first message authentication code, and the terminal device authenticates the data by comparing the received first message authentication code with the second message authentication code it generates. In this way, a malicious attacker is prevented from replacing the first count value with malicious data in transit (from the UFS to the terminal device), so the first count value read by the terminal device is ensured to be the first count value in the RPMB partition of the UFS and not data forged by an attacker. In the embodiment of the present application, the process of reading other data from the RPMB partition of the UFS is the same as the process of reading the first count value and is not described again here.
The terminal device needs to acquire the current count value in the RPMB partition before writing data into the RPMB partition. Based on the first count value in the RPMB partition of the UFS read in fig. 5, fig. 6 illustrates a flowchart of a method for writing data to the RPMB partition of the UFS according to an embodiment of the present application. In this embodiment, taking the data to be stored as the first hash value as an example, as shown in fig. 6, the method includes:
In step S601, the terminal device uses the shared key, the read first count value and the first hash value as inputs of HMAC operation, and generates a third MAC.
In an alternative embodiment, the shared key is the same as the shared key in step S503 described above.
In step S602, the terminal device sends the first hash value, the first count value, and the third MAC to the UFS.
Step S603, after the UFS receives the first hash value, the first count value and the third MAC sent by the terminal equipment, determining whether the received first count value is consistent with the current count value in the RPMB partition of the UFS, if so, executing step S604, and if not, executing step S607;
Step S604, the UFS takes the received first hash value, the first count value and the shared key as the input of HMAC operation to generate a fourth MAC;
Step S605, the UFS determines whether the fourth MAC is the same as the received third MAC; if so, step S606 is executed, and if not, step S607 is executed;
In step S606, the UFS writes the first hash value to the RPMB partition.
In connection with fig. 1 and 2 described above, there are two implementations of writing the first hash value to the RPMB partition. In the first, the first hash value is passed from the TEE to the REE through the TEE client API and shared memory: the encryption module calls the TEE client API, writes the first hash value into the shared memory, and notifies the hardware driver module (RPMB driver) in the REE, which writes the data in the shared memory into the RPMB partition. In the second, the TEE communication agent sends the first hash value to the REE communication agent; after receiving it, the REE communication agent sends an instruction to write the first hash value into the RPMB partition to the RPMB driver, and the RPMB driver writes the first hash value into the RPMB partition.
In step S607, the UFS refuses writing of the first hash value.
After step S606 above, the first count value in the RPMB partition is incremented by one. Thus, even if a malicious attacker captures the first hash value, the first count value and the third MAC in step S602, the third MAC was generated from the first count value and the first hash value; after the first hash value is successfully written into the RPMB partition, the count value in the RPMB partition is incremented by one, and the attacker cannot generate a MAC for the incremented count value, so the captured first hash value cannot be written into the RPMB partition of the UFS again. In this way, data written to the RPMB partition is prevented from being rolled back (also referred to as replayed).
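The read-counter exchange of fig. 5 and the authenticated write of fig. 6, modelled as an added Python example that is not from the patent, with the UFS and the terminal device as two classes in one file. Constructed assumptions: a 32-byte shared key, HMAC-SHA256 as the HMAC, messages carried as plain dictionaries rather than 512-byte RPMB frames, and the 2-byte address included in the write MAC input alongside the count value and data the text lists, so that a valid write cannot be redirected to another address.

```python
import hashlib
import hmac
import os


class UfsRpmb:
    """Device side (UFS). Holds the shared key burnt in at the factory and the
    monotonic write counter; the key never leaves the device."""

    def __init__(self, shared_key: bytes):
        self._key = shared_key
        self.write_counter = 0   # initialized to zero, +1 per successful write, never reset
        self.blocks = {}         # address -> stored data (the "RPMB partition")

    def _mac(self, *fields: bytes) -> bytes:
        return hmac.new(self._key, b"".join(fields), hashlib.sha256).digest()

    def read_counter(self, nonce: bytes) -> dict:
        """Steps S502-S504: echo the nonce, return the counter and a MAC over both."""
        counter = self.write_counter.to_bytes(4, "big")
        return {"nonce": nonce, "counter": counter, "mac": self._mac(nonce, counter)}

    def authenticated_write(self, msg: dict) -> str:
        """Steps S603-S607: counter check, then MAC check; the counter advances only
        on success, so a captured message replayed later fails at the first check."""
        if int.from_bytes(msg["counter"], "big") != self.write_counter:
            return "rejected: counter mismatch"
        expected = self._mac(msg["address"], msg["counter"], msg["data"])
        if not hmac.compare_digest(expected, msg["mac"]):
            return "rejected: MAC mismatch"
        self.blocks[msg["address"]] = msg["data"]
        self.write_counter += 1
        return "ok"


class Terminal:
    """Host side (terminal device / TEE). Holds its own copy of the shared key."""

    def __init__(self, shared_key: bytes):
        self._key = shared_key

    def _mac(self, *fields: bytes) -> bytes:
        return hmac.new(self._key, b"".join(fields), hashlib.sha256).digest()

    def check_counter_response(self, nonce: bytes, resp: dict):
        """Steps S505-S509: the nonce must be echoed and the MAC must verify,
        otherwise the response is discarded (None)."""
        if resp["nonce"] != nonce:
            return None
        if not hmac.compare_digest(self._mac(resp["nonce"], resp["counter"]), resp["mac"]):
            return None
        return int.from_bytes(resp["counter"], "big")

    def read_counter(self, ufs: UfsRpmb):
        nonce = os.urandom(16)  # step S501: fresh 16-byte random number per request
        return self.check_counter_response(nonce, ufs.read_counter(nonce))

    def build_write(self, ufs: UfsRpmb, address: int, data: bytes) -> dict:
        """Steps S601-S602: read the current counter, then MAC (address, counter, data)."""
        counter = self.read_counter(ufs)
        if counter is None:
            raise RuntimeError("counter read failed authentication")
        addr = address.to_bytes(2, "big")
        ctr = counter.to_bytes(4, "big")
        # The text lists key, count value and hash value as MAC inputs; the address
        # is bound in as well (assumption) so the write cannot be redirected.
        return {"address": addr, "counter": ctr, "data": data, "mac": self._mac(addr, ctr, data)}
```

The two checks answer different threats: the echoed nonce and MAC on the read path stop an attacker on the bus from feeding the host a forged or stale counter, and the counter-then-MAC ordering on the write path makes a recorded write frame worthless once the counter has moved on.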
Optionally, the process of writing the M second hash values into the secure partition is the same as the process of writing the first hash values into the secure partition, which is not described herein.
In one possible implementation, when writing data to be stored to an RPMB partition, the data to be stored needs to be encapsulated into the data structure of the RPMB partition. Fig. 7 is a schematic diagram illustrating a data structure of an RPMB partition according to an embodiment of the present disclosure. As shown in fig. 7, the data of the RPMB partition includes a start field, a stuff bytes field, a MAC field, a data field, a nonce field, a count value (write counter) field, a data address field, a logical block count (block count) field, an operation result field, a request/response field, a cyclic redundancy check (CRC) field, and an end field. The CRC field is used to detect transmission errors: a check calculation is performed over the data and the result is appended after it, and the receiving device performs the same calculation to confirm that the data arrived correctly and completely; it is 2 bytes long. The request/response field, 2 bytes long, defines the request type or response type, i.e. which operation (writing data to or reading data from the RPMB partition) a request or response belongs to. The count value field indicates the number of times data has been successfully written and is 4 bytes long. The MAC field is 32 bytes long; its content depends on the request/response type. The operation result field carries status information (valid, expired) about the write count value and is 2 bytes long. The data address field indicates the logical address at which data is read from or written to the RPMB partition and is 2 bytes long; it may be the sequence number of the accessed half sector, the first address being 0x0000.
The nonce is a random number generated when the terminal device sends a request to the memory and is 16 bytes long. The data field holds the data to be written or the data read out: the data to be written may be the first hash value and/or the M second hash values, the data read out may be the count value, and the field is 256 bytes long. The block count field indicates the number of logical blocks (half sectors, 256 bytes) specified for reading or writing and is 2 bytes long. The stuff bytes field may be used for padding: when the M second hash values are stored in the RPMB partition in hash blocks, second hash values that do not fill a whole hash block may be padded with 0 bytes to form a complete hash block; the field length is 196 bits.
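Packing and parsing the RPMB data frame of fig. 7, as an added Python example that is not from the patent. Assumptions: the 512-byte eMMC-style frame with a 196-byte stuff field so that the listed fields total 512 bytes (the text gives the stuff length in bits; 196 bytes is the eMMC specification's value), the start/CRC/end fields treated as transport framing outside this frame, the eMMC request/response type codes, and the MAC computed with HMAC-SHA256 over the frame from the data field to the end (284 bytes), as eMMC does.

```python
import hashlib
import hmac
import struct

# Field layout of one 512-byte frame, in wire order. The stuff field is 196 bytes
# (eMMC value, assumption here) so that 196+32+256+16+4+2+2+2+2 = 512.
FRAME_FMT = ">196s32s256s16sIHHHH"
FRAME_LEN = struct.calcsize(FRAME_FMT)  # 512
MAC_START = 196 + 32                     # MAC covers data .. req/resp (284 bytes)
FIELDS = ("stuff", "mac", "data", "nonce", "write_counter", "address",
          "block_count", "result", "req_resp")

# eMMC (JESD84) request / response type codes for the req_resp field
REQ_READ_COUNTER, REQ_AUTH_WRITE, REQ_AUTH_READ = 0x0002, 0x0003, 0x0004
RESP_READ_COUNTER, RESP_AUTH_WRITE, RESP_AUTH_READ = 0x0200, 0x0300, 0x0400


def pack_frame(mac: bytes = b"", data: bytes = b"", nonce: bytes = b"", write_counter: int = 0,
               address: int = 0, block_count: int = 0, result: int = 0, req_resp: int = 0) -> bytes:
    """Build one frame; mac/data/nonce shorter than their field are zero-padded."""
    if len(mac) > 32 or len(data) > 256 or len(nonce) > 16:
        raise ValueError("field exceeds its fixed width")
    return struct.pack(FRAME_FMT, bytes(196), mac.ljust(32, b"\0"), data.ljust(256, b"\0"),
                       nonce.ljust(16, b"\0"), write_counter, address, block_count, result, req_resp)


def unpack_frame(frame: bytes) -> dict:
    """Split a frame into its named fields (integers big-endian, as on the wire)."""
    if len(frame) != FRAME_LEN:
        raise ValueError(f"frame must be {FRAME_LEN} bytes, got {len(frame)}")
    return dict(zip(FIELDS, struct.unpack(FRAME_FMT, frame)))


def frame_mac(key: bytes, frame: bytes) -> bytes:
    """HMAC over everything after the MAC field: data, nonce, counter, address,
    block count, result and req/resp are all bound, the stuff bytes are not."""
    return hmac.new(key, frame[MAC_START:], hashlib.sha256).digest()


def build_auth_write(key: bytes, address: int, write_counter: int, payload: bytes) -> bytes:
    """Authenticated-write request carrying one half sector (e.g. the first hash value)."""
    if len(payload) > 256:
        raise ValueError("one frame carries one 256-byte half sector")
    unsigned = pack_frame(data=payload, write_counter=write_counter, address=address,
                          block_count=1, req_resp=REQ_AUTH_WRITE)
    return unsigned[:196] + frame_mac(key, unsigned) + unsigned[MAC_START:]


def verify_frame(key: bytes, frame: bytes) -> bool:
    """Recompute the MAC over the received frame and compare in constant time."""
    fields = unpack_frame(frame)
    return hmac.compare_digest(fields["mac"], frame_mac(key, frame))
```

The layout makes the earlier protocol concrete: the count value and the data are not MACed in isolation but as part of one fixed-width record that also carries the address, block count and request type, so altering any of those in transit invalidates the MAC exactly as the text describes for the count value and hash value.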
Based on the same concept as the foregoing, the present application provides a file storage device 800 for performing the above-described method. Fig. 8 illustrates a schematic structure of a file storage device according to the present application; as shown in fig. 8, the file storage device 800 includes a processor 801, a memory 802, and a bus 803, where the processor 801 and the memory 802 may be connected to each other through the bus 803.
The processor 801 is configured to encrypt a first file under a trusted execution environment TEE to obtain a second file, and perform a hash operation on the second file to obtain the first hash value, write the first hash value into a secure partition in the memory 802, and write the second file into a normal partition in the memory 802, where the secure partition is used to prevent the file from being tampered and/or rolled back, and the first hash value is used to check whether the second file is legal when decrypting the second file to obtain the first file.
The processor 801 may be a central processing unit (CPU), a network processor (NP) or a combination of a CPU and an NP. The processor 801 may further include a hardware chip. The hardware chip may be an application-specific integrated circuit (ASIC), a programmable logic device (PLD), or a combination thereof. The PLD may be a complex programmable logic device (CPLD), a field-programmable gate array (FPGA), generic array logic (GAL), or any combination thereof.
The memory 802 stores software instructions; by invoking the stored program instructions, the processor 801 may perform one or more steps of the embodiments shown in the schemes described above, or alternative implementations thereof.
The memory 802 may include a non-volatile memory, such as UFS, EMMC, flash memory, a hard disk drive (HDD) or a solid state disk (SSD), and may also include a combination of the above types of memory.
The bus 803 may be a peripheral component interconnect (PCI) bus, an extended industry standard architecture (EISA) bus, or the like. The bus may be divided into an address bus, a data bus, a control bus, etc. For ease of illustration, only one thick line is shown in fig. 8, but this does not mean there is only one bus or one type of bus.
In one possible design, memory 802 may be integrated with processor 801.
In an alternative embodiment, the first file includes M data blocks, the second file includes M encrypted data blocks, where M is an integer greater than or equal to 2, the processor 801 is specifically configured to perform encryption operation on the M data blocks to obtain the M encrypted data blocks, perform hash operation on the M encrypted data blocks to obtain M second hash values, and perform hash operation on the M second hash values to obtain the first hash value, where the M encrypted data blocks and the M second hash values are in one-to-one correspondence.
In a possible implementation manner, the processor 801 is specifically configured to perform a hash message authentication code HMAC operation on the M second hash values to obtain the first hash values.
In an alternative embodiment, the processor 801 is further configured to write the M second hash values to the normal partition, or write the M second hash values to the secure partition.
In an alternative implementation manner, the processor 801 is specifically configured to write the M second hash values into the normal partition with a hash block as a storage unit, or write the M second hash values into the secure partition with a hash block as a storage unit, where one hash block includes at least one second hash value, and the size of the hash block is determined according to the granularity of processor read-write data and the size of the second hash value.
In an alternative embodiment, the secure partition includes a playback protected memory block RPMB partition.
In an alternative implementation mode, the device further comprises an interface, wherein the interface is used for receiving an update request, the update request comprises a data block identifier and data to be updated, the data block identifier is used for indicating an encrypted data block to be updated in the common partition, the processor is further used for acquiring the encrypted data block to be updated from the common partition according to the data block identifier, acquiring a second hash value corresponding to the encrypted data block to be updated, and updating the encrypted data block to be updated according to the data to be updated if the encrypted data block to be updated is legal according to the second hash value corresponding to the encrypted data block to be updated.
In an alternative embodiment, the processor 801 is specifically configured to decrypt the encrypted data block to be updated to obtain a data block to be updated, update the data block to be updated with the data to be updated to obtain an updated data block, encrypt the updated data block to obtain an updated encrypted data block, perform a hash operation on the updated encrypted data block to obtain a third hash value, and update a second hash value corresponding to the encrypted data block to be updated to the third hash value.
Based on the same concept as the foregoing, the present application provides a file storage device 900 for performing the above-described method. Fig. 9 illustrates a schematic structure of a file storage device provided by the present application; as shown in fig. 9, the file storage device 900 includes an encryption unit 901, a processing unit 902, a secure partition 903, and a normal partition 904.
The encryption unit 901 is configured to encrypt a first file under a trusted execution environment to obtain a second file, and perform hash operation on the second file to obtain a first hash value;
the processing unit 902 is configured to write the first hash value to the secure partition in the memory and write the second file to a normal partition in the memory, where the secure partition is configured to prevent the file from being tampered with and/or prevent the file from rolling back, and the first hash value is configured to check whether the second file is legal when the second file is decrypted to obtain the first file.
It should be understood that the above division of units of the file storage device is merely a division by logical function; the units may be fully or partially integrated into one physical entity or may be physically separate. In the embodiment of the present application, the encryption unit 901 and the processing unit 902 of fig. 9 may be implemented by the processor 801 in fig. 8. That is, the encryption unit 901 and the processing unit 902 may execute the scheme executed by the processor 801 in fig. 8; for the rest, refer to the description above, which is not repeated here.
The above-described embodiments may be implemented in whole or in part by software, hardware, or a combination thereof, and when implemented using a software program, may be implemented in whole or in part in the form of a computer program product. The computer program product includes one or more instructions. When the computer program instructions are loaded and executed on a computer, the processes or functions in accordance with embodiments of the present application are produced in whole or in part. The computer may be a general purpose computer, a special purpose computer, a computer network, or other programmable apparatus. The instructions may be stored in a computer storage medium or transmitted from one computer storage medium to another; for example, the instructions may be transmitted from one website, computer, server, or data center to another website, computer, server, or data center by wired (e.g., coaxial cable, fiber optic, twisted pair) or wireless (e.g., infrared, radio, microwave) means. Computer storage media may be any medium that can be accessed by a computer, or a data storage device, such as a server or data center, that integrates one or more media. The medium may be a magnetic medium (e.g., a floppy disk, a hard disk, a magnetic tape, a magneto-optical disk (MO)), an optical medium (e.g., an optical disk), or a semiconductor medium (e.g., ROM, EPROM, EEPROM, Solid State Disk (SSD)).
Embodiments of the present application are described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems) and computer program products according to embodiments of the application. It will be understood that each flow and/or block of the flowchart illustrations and/or block diagrams, and combinations of flows and/or blocks in the flowchart illustrations and/or block diagrams, can be implemented by instructions. These instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
It will be apparent to those skilled in the art that various modifications and variations can be made to the present application without departing from the spirit or scope of the application. Thus, it is intended that the present application also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
PCT/CN2018/093929 WO2020000491A1 (en) | 2018-06-30 | 2018-06-30 | File storage method and apparatus, and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN112088376A CN112088376A (en) | 2020-12-15 |
CN112088376B true CN112088376B (en) | 2025-04-08 |
Family
ID=68985847
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201880093094.8A Active CN112088376B (en) | 2018-06-30 | 2018-06-30 | File storage method, device and storage medium |
Country Status (2)
Country | Link |
---|---|
CN (1) | CN112088376B (en) |
WO (1) | WO2020000491A1 (en) |
Citations (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104392188A (en) * | 2014-11-06 | 2015-03-04 | 三星电子(中国)研发中心 | Security data storage method and system |
CN107659410A (en) * | 2017-08-30 | 2018-02-02 | 湖南众享政联科技有限公司 | Based on the anti-tamper official document transmission of block chain and storage method |
Family Cites Families (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
KR101506578B1 (en) * | 2008-07-17 | 2015-03-30 | 삼성전자주식회사 | File system configuration method and apparatus for data security, method and apparatus for accessing data security area formed by the same, and data storage device thereby |
JP6242036B2 (en) * | 2011-11-17 | 2017-12-06 | ソニー株式会社 | Information processing apparatus, information storage apparatus, information processing system, information processing method, and program |
CN103166952B (en) * | 2012-11-16 | 2016-04-27 | 太原科技大学 | A kind of embedded onboard data collection station |
CN103530201B (en) * | 2013-07-17 | 2016-03-02 | 华中科技大学 | A kind of secure data De-weight method and system being applicable to standby system |
CN103530578B (en) * | 2013-10-18 | 2016-01-27 | 武汉大学 | The construction method of a kind of soft structure credible platform module STPM of Android system |