Unlock instant, AI-driven research and patent intelligence for your innovation.

A Trusted Boot Method Based on Security Chip

A security chip and secure boot technology, applied in computer security devices, instruments, computing, etc., can solve the problems of not considering physical attacks of cold boot attacks, inability to implement system updates, and failure to consider embedded system recovery technology, etc.

Active Publication Date: 2021-09-14
广东为辰信息科技有限公司
View PDF4 Cites 0 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

This method requires one-time programming of the loaded entities, and cannot achieve normal system updates
At the same time, this method does not take into account the possibility of physical attacks such as scanning physical memory to obtain plaintext, cold start attacks using memory data residues, and microscopes reading internal data of the chip during the boot process.
Finally, neither consider recovery techniques for embedded systems

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • A Trusted Boot Method Based on Security Chip
  • A Trusted Boot Method Based on Security Chip
  • A Trusted Boot Method Based on Security Chip

Examples

Experimental program
Comparison scheme
Effect test

Embodiment

[0035] figure 1 It is a specific implementation flow chart of the security chip-based trusted startup method of the present invention. Such as figure 1 As shown, the specific steps of the trusted startup method based on the security chip of the present invention include:

[0036] S101: BootLoader division:

[0037]Boot Loader is a program that runs before the operating system kernel runs. Through this program, hardware devices can be initialized and a map of memory space can be established to bring the system's hardware and software environment to a suitable state for the final call operation. The system kernel prepares the correct environment. In the present invention, firstly, according to the different functions of each part in the secure boot process, the BootLoader is divided into 6 parts, which are respectively BL1 program, BL2 program, BL30 program, BL31 program, BL32 program, and BL33 program, wherein the BL1 program is used to set Exception vector table, initializ...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a trusted startup method based on a security chip, which divides the BootLoader into six parts, respectively makes images of the six parts based on digital signatures, stores key images in the security chip, and loads the six parts in order. After the image is loaded, the integrity verification is performed, and the Linux boot process starts after all the integrity passes. The invention adopts the digital signature and the integrity verification to ensure the credible starting chain, and uses the safety chip to store key data, which can effectively improve the starting credibility.

Description

technical field [0001] The invention belongs to the technical field of mobile intelligent terminal security, and more specifically, relates to a trusted startup method based on a security chip. Background technique [0002] The security of hardware structure and operating system is the basis of information system security. At present, for embedded system security problems, the existing solution is to introduce trusted computing technology, the main idea is to establish a root of trust and a chain of trust to ensure the integrity and security of the system. In the embedded system, the existing implementation methods of trusted computing technology are divided into two categories: one is to use the trusted platform module (trusted platform module, referred to as TPM) proposed by the trusted computing organization (trusted computing program, referred to as TCG) Communicate with the embedded CPU. The TPM is used as the root of trust, and the initial expected measurement value ...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Patents(China)
IPC IPC(8): G06F21/57G06F21/71
CPCG06F21/575G06F21/71
Inventor 肖堃罗蕾李允罗建超陈丽蓉陈虹桂盛霖
Owner 广东为辰信息科技有限公司