System and method for resisting physical attacks of printer

A technology for resisting physical attacks on printers, applied in the field of information security. It addresses problems such as data leakage, low security, and illegal data in memory and interfaces, and achieves the effects of reduced performance impact, a comprehensive protection range, and improved encryption efficiency.

Active Publication Date: 2018-04-13
XIDIAN UNIV

AI Technical Summary

Problems solved by technology

[0006] 3. Modify the bus information: the attacker modifies the data on the bus, causing illegal data in the memory and interface and disrupting the normal operation of the printer.
[0007] 4. Replay data: the attacker intercepts legitimate bus data and rewrites the intercepted data to the bus at the moment of attack. This not only increases the workload of the printer but, more importantly, affects the workflow of the printer. May cause data leakage before
[0008] Interface security protection in printer systems: for example, the patent application with publication number CN101795271A, titled "Network Security Printing System and Printing Method", discloses a network security printing system and printing method. The invention consists of three parts: a network printing driver, an embedded firewall platform, and a client driver. The embedded firewall platform is mainly used for data decryption. This method ensures the security of data transmission on the network. However, since the embedded firewall platform and the printer exchange plaintext data directly, the security of data from the embedded firewall platform to the printer cannot be guaranteed, which leaves hidden dangers for the printer system and data security.
[0009] Storage security protection in printer systems: for example, T.S. Lehman et al. published a paper titled "PoisonIvy: Safe speculation for secure memory" (2016:1-13) at the conference "IEEE/ACM International Symposium on Microarchitecture". For protection, it uses the memory protection scheme based on master-slave counters that is currently in wide use. Its structure is similar to segment-page management: one master counter in a storage page corresponds to multiple block counters. When a counter overflows, only storage blocks are re-encrypted, which greatly reduces the amount of re-encrypted data, but multiple storage blocks in a storage page must still be re-encrypted, so the delay is still high, and because the structure is fixed, it incurs a large storage resource overhead. As another example, the patent application with publication number CN102629236A, titled "Memory Protection Method Based on Unequal Length Counters", discloses a memory protection method based on unequal-length counters. The method dynamically adjusts the length of the counter according to memory access frequency. Although a longer counter reduces overflow, re-encrypting data in the hot zone causes a large delay when overflow does occur, and migrating data pages between the hot zone and the non-hot zone is also delayed, with the re-encryption process causing some overhead.
[0010] To sum up, existing technology can only protect interfaces or storage separately and cannot monitor and warn of physical attacks, resulting in low security.
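
The master/block counter scheme described in [0009], and the replay case in [0007], can be sketched as follows. This is an added example, not code from the patent or the cited paper: HMAC-SHA256 stands in for the block cipher and the MAC, and the class name, block size and 3-bit block counter are assumptions chosen so that overflow is easy to trigger.

```python
import hashlib
import hmac

BLOCK, MINOR_BITS = 16, 3  # constructed sizes; a 3-bit block counter overflows fast

class ProtectedPage:
    def __init__(self, key, page_id, n_blocks):
        self.key, self.page_id = key, page_id
        self.major, self.minor = 0, [0] * n_blocks  # trusted, on-chip counters
        self.mem = [None] * n_blocks                # untrusted: (ciphertext, tag)
        self.reencrypted = 0                        # extra blocks rewritten on overflow
        for i in range(n_blocks):
            self._store(i, bytes(BLOCK))
    def _prf(self, label, i, data=b""):
        # HMAC-SHA256 stands in for the cipher pad and the MAC (assumption).
        msg = label + b"|%d|%d|%d|%d|" % (self.page_id, i, self.major, self.minor[i])
        return hmac.new(self.key, msg + data, hashlib.sha256).digest()
    def _store(self, i, plain):
        ct = bytes(p ^ k for p, k in zip(plain, self._prf(b"enc", i)))
        self.mem[i] = (ct, self._prf(b"mac", i, ct))
    def valid(self, i):
        # The tag is bound to the current counters, so stale data fails here.
        ct, tag = self.mem[i]
        return hmac.compare_digest(tag, self._prf(b"mac", i, ct))
    def read(self, i):
        if not self.valid(i):
            raise ValueError("block tampered with or replayed")
        return bytes(c ^ k for c, k in zip(self.mem[i][0], self._prf(b"enc", i)))
    def write(self, i, plain):
        if self.minor[i] + 1 < (1 << MINOR_BITS):
            self.minor[i] += 1
            return self._store(i, plain)
        # Overflow: bump the master counter, reset all block counters,
        # and re-encrypt every other block in the page.
        others = {j: self.read(j) for j in range(len(self.mem)) if j != i}
        self.major, self.minor = self.major + 1, [0] * len(self.mem)
        self._store(i, plain)
        for j, p in others.items():
            self._store(j, p)
            self.reencrypted += 1

def demo():
    page = ProtectedPage(b"constructed-demo-key", page_id=7, n_blocks=4)
    page.write(0, b"print job #1 ...")
    stale = page.mem[0]                  # old off-chip data, recorded
    page.write(0, b"print job #2 ...")
    page.mem[0] = stale                  # written back later (replay)
    replay_accepted = page.valid(0)
    for _ in range(6):                   # the sixth write overflows block 0's counter
        page.write(0, b"print job #2 ...")
    return replay_accepted, page.major, page.reencrypted, page.read(0)
```

One overflowing block forces the three untouched blocks of the page to be rewritten as well, which is the re-encryption delay that [0009] attributes to this structure.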



Examples


Embodiment Construction

[0068] The present invention will be described in further detail below with reference to the accompanying drawings and specific embodiments.

[0069] Referring to Figure 1, a system that resists physical attacks on printers includes a main control module, an interface security module, a storage security module, a behavioral security module, and a security and trustworthy module. Using the hard isolation architecture of TrustZone technology, the system environment is divided into two parts: a common execution environment and a trusted execution environment. The common execution environment mainly performs process control functions, while sensitive data is processed and run in the trusted execution environment. As shown in Figure 2, the general execution environment application layer includes the main control module of the printing system, and the trusted execution environment application layer includes the security and trust module, the storage security mod...


Abstract

The invention provides a system and method for resisting physical attacks of a printer. By encrypting and verifying plaintext data of a printer storage and an interface and monitoring behaviors of the printer in real time to achieve early warning on the potential attack behaviors, the purpose of improving the security of the printer is achieved; a main control module achieves a security protection function on the printer storage through a storage security module, achieves a security protection function on the interface through an interface security module and conducts monitoring and early warning on the physical attacks through a behavior security module; and a security trusted module is used for managing encryption keys, decryption keys and verification values which are used in the storage security module and the interface security module and conducting encryption, decryption and integrity verification on used data. According to the system and method, the physical attacks such as tapping, counterfeiting and resetting for the interface and the storage of the printer system are effectively resisted, the security of the printer is improved, the encryption efficiency of the printer storage is high, and the system and method can be applied to the printer system requiring high confidentiality.

Description

Technical field

[0001] The invention belongs to the field of information security and relates to a system and method for resisting physical attacks on printers, intended for printer systems with high confidentiality requirements.

Background

[0002] As one of the most widely used pieces of office equipment, printers provide people with great convenience. However, as the source of important data output, printers can easily cause information leakage and virus infection, and security incidents due to printer vulnerabilities continue to occur. Printer resources are limited, so traditional security protocols cannot be applied to them directly. Many devices are also deployed in open environments, where attackers have enough time and ability to launch physical attacks on them, causing key data in the system to be stolen or tampered with. Physical attacks can bypass protection software and are therefore more difficult to defend against.

[0003] The physical attack ...


Application Information

Patent Type & Authority: Applications (China)
IPC (8): H04N1/00, H04N1/44, H04L29/06
CPC: H04L63/0428, H04L63/123, H04L63/1416, H04N1/00233, H04N1/4486
Inventor: 王泉, 杨鹏飞, 米鑫
Owner: XIDIAN UNIV