[0065] In order to make the object, technical solution and advantages of the present invention clearer, the present invention will be further described in detail below with reference to the accompanying drawings and examples.
[0066] The present invention mainly embeds a module for certificate authentication in a memory card with a standard interface, stores confidential information through hardware and completes the certificate authentication process, so that the speed of certificate authentication can be improved while ensuring safety, and has a relatively Large scope of application. The certificate authentication device of the present invention may be called MobileKey.
[0067] figure 1 It is a schematic diagram of the existing memory card structure, such as figure 1 As shown, it includes a common storage module 101, a storage control module 102 and an interface module 103;
[0068] Wherein the ordinary storage module 101 is used for storing ordinary data, and is generally implemented by a flash memory (FLASH) chip; the storage control module 102 is connected with the ordinary storage module 101 and the interface module 103 respectively, and is used for reading and writing control of data to the ordinary storage module 101, etc. , generally implemented by an independent chip; the interface module 103 is used to send and receive data, and can be implemented by using standard interfaces such as Secure Digital Card (SD)/Multimedia Card (MMC)/Memory Stick (Memory Stick).
[0069] In the specific embodiment of the present invention, the following modules for certificate authentication will be added to the existing memory card structure:
[0070] The secure storage module is used to store private information used for certificate authentication, such as digital certificates, private key information corresponding to digital certificates, key seeds and other undiscloseable information, and is not used for storage of ordinary data.
[0071] The operation processing module is used to perform hardware acceleration on the encryption algorithm, for example, it can be an RSA (an encryption algorithm) operation acceleration engine, a random number generator, an AES (an encryption algorithm) operation engine, etc., depending on the specific encryption algorithm used varies.
[0072] The safety control module is used to schedule the operation processing module to perform operations, and control the safety storage module to store and output data, etc.
[0073] The above three modules can be physically implemented by an independent chip, such as a smart card chip, a dedicated co-processing chip, etc., and are connected to the storage control module through serial ports, ISO7816, serial peripheral interface (SPI) and other bus methods. It is also possible to integrate the above three modules into chips where other existing modules are located, for example, integrate all of the above three modules into the chip where the storage control module is located; or integrate the security storage module into the FLASH chip where the common storage module is located. The processing module and the security control module are integrated in the chip where the storage control module is located.
[0074] figure 2 It is a schematic structural diagram of the certificate authentication device in Embodiment 1 of the present invention, as shown in figure 2 As shown, the device includes: a common storage module 201 , a storage control module 202 , and an interface module 203 , a secure storage module 204 , an operation processing module 205 , and a security control module 206 .
[0075] Among them, the functions and connections of the ordinary storage module 201 , the storage control module 202 and the interface module 203 are the same as those of the existing memory card, and will not be repeated here. The secure storage module 204 is connected to the operation processing module 205 and the security control module 206 respectively, and the security control module 206 is also connected to the storage control module 202, and the security storage module 204 is integrated into an independent security processing module 205 and the security control module 206 Among the chips, the ordinary storage module 201 is implemented by a FLASH chip, and the storage control module 202 is implemented by a controller chip.
[0076] image 3 It is a schematic structural diagram of the certificate authentication device in Embodiment 2 of the present invention, as shown in image 3 As shown, the device includes: a common storage module 301 , a storage control module 302 , an interface module 303 , a secure storage module 304 , an operation processing module 305 , and a security control module 306 .
[0077] Wherein, the functions and connection relationships of each module are the same, and will not be repeated here. The difference from Embodiment 1 is that the secure storage module 304, the arithmetic processing module 305, the secure control module 306 and the storage control module 302 are integrated in the controller chip.
[0078] Figure 4 It is a schematic structural diagram of the certificate authentication device in Embodiment 3 of the present invention, as shown in Figure 4 As shown, the device includes: a common storage module 401 , a storage control module 402 , an interface module 403 , a secure storage module 404 , an arithmetic processing module 405 , and a security control module 406 .
[0079] Wherein, the functions and connection relationships of each module are the same, and will not be repeated here. The difference from Embodiments 1 and 2 is that the secure storage module 404 and common storage module 401 are integrated in the FLASH chip, while the arithmetic processing module 405, security control module 406 and storage control module 402 are integrated in the controller chip.
[0080] Of course, for the certificate authentication device of the present invention, since the function of the common storage module has nothing to do with the certificate authentication, it is not necessary. In addition, not limited to the above three embodiments, the secure storage module, the arithmetic processing module and the secure control module in the present invention can also be physically realized by independent chips, or integrated into any chip in the existing memory card.
[0081] For the above-mentioned certificate authentication device, because the application of certificate authentication is extended on the interface of the standard memory card, the standard memory card protocol does not support the access to the module used for certificate authentication in the card. If the access to the certificate-authenticated module is not available, the certificate-authenticated authentication process and the certificate update process will not be realized. In this regard, we have designed a method to access the module used for certificate authentication in the card through the shared address. The specific steps are as follows: Figure 5 shown, including:
[0082] Step 501, predefine a special address.
[0083] This special address can be a certain address or a certain range of addresses, which can be determined according to needs. Since the memory card is an external storage device, it can only be operated by a write or read command, and the specific write or read address is specified in the write or read command, so by defining a special address, when the write or read command is received, pass By judging the address specified in the instruction, it is distinguished whether the external application program performs read and write operations on the existing common storage module in the certificate authentication device, or performs operations on the module used for certificate authentication in the present invention.
[0084] Step 502, determine the command data according to the special address.
[0085] When the external application program needs to access the data in the card, for example, when the storage control module in the controller chip receives the write command sent by the external application program through the interface module, it is judged whether the address specified in the write command is a predefined special address. If it is a special address, further check the validity of the data carried by the write command. The validity check is actually for security considerations to prevent the command from being tampered with in the middle. Generally speaking, the checksum method can be used for verification, or Using encryption algorithm, etc., the specific verification method can use any existing verification method, which will not be repeated here. Of course, if the security requirements are not high, the verification can not be performed here; if the verification fails, the The data carried by the write command is stored in the common storage module as common data. If the verification is passed, it will be sent to the security control module as command data; in addition, if it is not a special address, the data carried by the write command will be directly stored as ordinary data in the ordinary storage module.
[0086] Step 503, perform corresponding processing according to the command data.
[0087]When the security control module receives the command data, it parses and responds to the command data for corresponding processing. The command data contains the operation instructions of the external application program for each module used for certificate authentication in the present invention, for example, it can call the operation processing module Perform operations such as encrypting and generating keys for the private information stored in the secure storage module, or store private information data in the secure storage module. After processing the response command data, the security control module outputs the response data obtained after processing the response command data to the storage control module.
[0088] Step 504, feed back the processed data.
[0089] After the storage control module receives the response data fed back by the security control module, it reorganizes the response data of the specific application and stores it in the buffer area inside the storage control module. Since the format of the data processed in the memory card is different from the data format required by the external application, the storage control module needs to repackage the response data into the data format required by the external program, so that the external application can read it. Pick. In addition, because the memory card is a passive device, external applications can only obtain data through read instructions. Therefore, when the storage control module receives the memory card read command sent by the external application through the interface module, it needs to judge whether the address specified by the read command is a predefined special address, if it is a special address, and the storage control module has completed the processing of the response data For reorganization, the reorganized response data is used as the feedback data of the memory card read command, and fed back to the external application through the interface module.
[0090] In the above process, the external application program sends read and write instructions to the special address, which can be realized in two ways, one is to directly use the application program interface (API) of the system to read and write the data of the physical address; the other is to read and write The file that covers this sector, through the reading and writing of a certain data block of the file, realizes the data reading and writing of the physical address through the file system. In addition, the specific application function instructions of the external application program for the authenticated module can be carried in the read and write instructions as the data specified by the read and write instructions.
[0091] Through the above method, the external application program can realize the access to the module used for certificate authentication in the memory card, and those skilled in the art can realize the specific process of certificate authentication according to the access method, because the present invention does not The certificate authentication process is improved, so the process of implementing the certificate authentication through the certificate authentication device of the present invention will not be repeated here.
[0092] In order to improve the security of the MobileKey during use, the Certification Center (CA) will set the validity period for the digital certificate when assigning the MobileKey. Once the validity period expires, the digital certificate will become invalid. Failed to pass identity authentication. Therefore, in order to ensure the normal use of MobileKey, CA needs to update the digital certificate of MobileKey.
[0093] Since the MobileKey cannot directly establish communication with the CA, and most of the MobileKey is offline, it is difficult to update the digital certificate. One possible method is that the user regularly renews the MobileKey digital certificate at the place designated by the CA, but this digital certificate renewing process is cumbersome and will bring a lot of inconvenience to the user.
[0094] In view of this, the present invention provides a MobileKey digital certificate renewal method, which simplifies the MobileKey digital certificate renewal process.
[0095] The MobileKey in the present invention can update the digital certificate online through the terminal, that is, when the MobileKey is connected to the terminal, use the data connection channel between the terminal and the CA, such as WLAN, GPRS, etc., to complete the update of the MobileKey digital certificate. MobileKey first generates public and private key pairs according to the agreement negotiated with CA in advance, and initiates a digital certificate update request to CA. After receiving the update request, CA re-issues the digital certificate for MobileKey. key to replace the invalid digital certificate and private key to complete the entire update process.
[0096] The following takes the typical application of the certificate update process when the MobileKey is connected to a mobile terminal as an example to describe in detail. Of course, when the MobileKey is connected to other terminals such as a personal computer (PC), the certificate update process is the same.
[0097] First of all, the MobileKey needs to store private information such as the MobileKey ID that can uniquely identify the MobileKey identity, the MobileKey digital certificate, and the CA digital certificate. Among them, the CA digital certificate contains the public key of the CA, and correspondingly, the CA digital certificate is stored in the CA. The private key of the corresponding CA.
[0098] like Image 6 As shown, the digital certificate renewal process includes the following steps:
[0099] Step 601: When the MobileKey digital certificate becomes invalid, MobileKey starts the certificate renewal process, first generates a new public-private key pair and session key according to the pre-negotiated protocol with the CA, and sends a renewal request to the CA through the connected mobile terminal.
[0100] The update request carries the following request information: MobileKey identifier, expired MobileKey digital certificate, new public key, CA digital signature and session key generated according to the pre-negotiated agreement with CA. For the security transmission of information, the request information must Encrypt with the CA's public key.
[0101] Among them, the expired MobileKey digital certificate contains the MobileKey identity encrypted with the CA's private key. The MobileKey logo and the expired MobileKey digital certificate are used to allow the CA to judge whether the MobileKey is a legitimate user in the CA domain. If the security requirements are not high, the step of judging whether the MobileKey is a legal user in the CA domain can be omitted. At this time, the update request It is also possible not to carry the MobileKey logo and invalid MobileKey digital certificate.
[0102] CA digital signature refers to the data obtained by encrypting certain information with the private key of the CA. For example, in this embodiment, the data obtained after the CA encrypts the serial number of the invalid MobileKey digital certificate stored in the certificate authentication device, Of course, any other unique information can be encrypted to obtain the CA digital signature. The CA digital signature is sent to MobileKey when CA issues a digital certificate for MobileKey, that is, when CA issued a MobileKey digital certificate to MobileKey last time (the expired MobileKey digital certificate stored in the certificate authentication device), it was sent to MobileKey.
[0103] In addition, the CA digital signature cannot be sent in the MobileKey digital certificate, that is, the CA digital signature cannot be made public. The CA digital signature is set to prevent the mobile terminal from spoofing the CA. It is stored in the MobileKey and cannot be obtained by the mobile terminal. Moreover, since the mobile terminal does not have the private key of the CA, the CA digital signature cannot be forged, so the mobile terminal cannot forge the MobileKey. The update request sent by the CA to deceive the CA.
[0104] The session key is set to prevent the mobile terminal from spoofing the MobileKey. Since the session key is only passed between the MobileKey and the CA, the mobile terminal does not know the session key of the CA and the MobileKey. Therefore, the mobile terminal cannot decrypt the response information, nor can it Spoof MobileKey by forging the response message.
[0105] In the process of digital certificate renewal, CA digital signature and session key can be used at the same time, that is to say, both CA digital signature and session key are carried in the update request; only CA digital signature or session key can be used, When the CA digital signature is not used, the CA does not need to send the CA digital signature when issuing a new digital certificate for MobileKey; of course, if the security requirements for possible man-in-the-middle attacks are not high, you can also not use it. The CA digital certificate can also ensure high security by encrypting the communication between MobileKey and CA. The following describes in detail the case where the CA digital signature and the session key are used at the same time, and the request information is encrypted with the CA's public key.
[0106] Step 602: After the CA receives the update request sent by the MobileKey, it judges whether the MobileKey is a legal user in the CA domain, that is, the CA first decrypts the received request information with the private key of the CA, recovers the plaintext of the request information, and then uses The public key of the CA decrypts the signature of the CA in the MobileKey digital certificate, recovers the plaintext of the MobileKey identification, and judges whether the recovered MobileKey identification is the same as the MobileKey identification carried in the update request sent by the MobileKey. If they are the same, it means that the MobileKey is For legitimate users in the CA domain, continue to execute step 603; if different, it means that the MobileKey is not a legal user in the CA domain, and the CA terminates the communication with the MobileKey, that is, ends the processing of this process.
[0107] Step 603: The CA judges whether the update request is sent by the MobileKey according to the CA digital signature carried in the update request, and if so, executes step 604; otherwise, the CA terminates the session, that is, ends the processing of this flow.
[0108] Specifically, the CA decrypts the CA digital signature with its own public key, recovers the plaintext of the serial number of the MobileKey certificate, and judges whether the recovered serial number of the MobileKey certificate is consistent with the serial number in the MobileKey digital certificate carried in the update request sent by MobileKey. The same, if they are the same, it means that the update request is sent by MobileKey, because only MobileKey has the signature of the CA on the serial number of the MobileKey certificate, that is, the CA digital signature, and then perform step 604; if they are different, it means that the update request is not sent by MobileKey coming, the CA terminates the session and ends this process.
[0109] If the update request does not carry the CA digital signature, then, after determining in step 602 that the MobileKey is a legitimate user in the CA domain, step 604 can be directly performed without performing step 603 .
[0110] Step 604: The CA uses the MobileKey carried in the update request to generate a new public key for the MobileKey according to the agreement negotiated with the CA in advance, and re-issues a new digital certificate for the MobileKey, and encrypts the re-issued digital certificate with the session key sent by the MobileKey , use the private key of the CA to encrypt the serial number of the newly issued digital certificate to obtain a new CA digital signature, and then use the session key sent by MobileKey to encrypt the new CA digital signature; then, return to MobileKey through the mobile terminal Update response, the response information carried in the update response includes the encrypted new digital certificate and the encrypted new CA digital signature; if the session key is not used, the newly issued new digital certificate and the new CA digital signature do not need to be encrypted , the update response carries the newly issued new digital certificate and the plaintext of the digital signature of the CA.
[0111] Step 605: After MobileKey receives the update response returned by the CA, it decrypts the response information with the session key, recovers the new digital certificate of the MobileKey, and replaces the original one in the MobileKey with the new digital certificate and the private key generated according to the agreement negotiated with the CA in advance. Invalid digital certificate and private key; replace the original CA digital signature with a new CA digital signature.
[0112]So far, the entire digital certificate renewal process is over. The certificate update method can update the digital certificate online through the mobile terminal. While ensuring the security of the update process, it can simplify the update process of the MobileKey digital certificate, and the user does not need to regularly go to the place designated by the CA to update the MobileKey digital certificate. Updating greatly facilitates users.
