Method for generating root key in secure trusted execution environment (TEE)

A technique for generating a root key inside a trusted execution environment, applied in the field of information security, which enhances the security and reliability of the root key.

Active Publication Date: 2018-08-24
BEIJING BEANPOD TECH CO LTD

AI Technical Summary

Problems solved by technology

[0009] For the problems in related technologies


Embodiment Construction

[0023] The following will clearly and completely describe the technical solutions in the embodiments of the present invention with reference to the accompanying drawings in the embodiments of the present invention. Obviously, the described embodiments are only some, not all, embodiments of the present invention. All other embodiments obtained by persons of ordinary skill in the art based on the embodiments of the present invention belong to the protection scope of the present invention.

[0024] As shown in Figure 1, a method for generating a root key in a secure and trusted execution environment according to an embodiment of the present invention includes the following steps:

[0025] S1 calculates Key1=PBKDF2(Password, Salt, it), where Password is the password entered by the user, Salt is a random number generated inside the TEE, and it is the number of iterations;

[0026] S2 calculates the root key UserRootKey=Argon2 (Key1, HWUID, Salt, SecretFactor, it, M), where M is the memory u...


Abstract

The invention discloses a method for generating a root key in a secure trusted execution environment (TEE). The method includes the following steps: S1, calculating Key1=PBKDF2(Password, Salt, it), where Password is the password entered by the user, Salt is a random number generated inside the TEE, and it is the number of iterations; S2, calculating the root key UserRootKey=Argon2(Key1, HWUID, Salt, SecretFactor, it, M), where M is the memory occupancy value, SecretFactor is a secret factor built into the TEE operating system and protected by obfuscation, and HWUID is the hardware unique identification number; S3, calculating Key3=Argon2(UserRootKey, Salt, it, M); and S4, using a random number generator to generate a data encryption key DEK and the random number Nonce for CCM mode, and calculating EDEK=AES-CCM(UserRootKey, DEK, Nonce). The beneficial effect of the scheme is that adding the user PIN as a further input factor to the root-key derivation enhances the security and reliability of the root key.
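The S1 to S3 derivation chain described in the abstract, as an added example that is not code from the patent: it shows that the resulting root key depends on the user password, the device identifier and the TEE-held secret together. Assumptions: `hashlib.scrypt` stands in for Argon2 (Python's standard library has no Argon2), HWUID and SecretFactor are mixed in with an HMAC step of this example's own choosing, and all cost parameters and sample values are constructed.

```python
import hashlib
import hmac
import os

# Constructed cost parameters; a real deployment tunes these to the device.
PBKDF2_IT = 100_000                          # "it" for S1
SCRYPT_N, SCRYPT_R, SCRYPT_P = 2**12, 8, 1   # stand-in for Argon2's "it" and "M" (about 4 MiB)


def memory_hard(secret: bytes, salt: bytes) -> bytes:
    """Memory-hard KDF step; scrypt is used here in place of Argon2."""
    return hashlib.scrypt(secret, salt=salt, n=SCRYPT_N, r=SCRYPT_R,
                          p=SCRYPT_P, dklen=32)


def derive_user_root_key(password: bytes, salt: bytes,
                         hwuid: bytes, secret_factor: bytes) -> bytes:
    # S1: Key1 = PBKDF2(Password, Salt, it)
    key1 = hashlib.pbkdf2_hmac("sha256", password, salt, PBKDF2_IT, dklen=32)
    # S2: bind Key1 to the device (HWUID) and the TEE secret (SecretFactor)
    # before the memory-hard step. Assumption of this example: HMAC keyed with
    # SecretFactor over Key1 || HWUID. Key1 is always 32 bytes, so the
    # concatenation is unambiguous.
    bound = hmac.new(secret_factor, key1 + hwuid, hashlib.sha256).digest()
    return memory_hard(bound, salt)


def derive_key3(user_root_key: bytes, salt: bytes) -> bytes:
    # S3: Key3 = Argon2(UserRootKey, Salt, it, M), again with scrypt as stand-in.
    return memory_hard(user_root_key, salt)


if __name__ == "__main__":
    salt = os.urandom(16)                          # generated inside the TEE in the patent
    hwuid = b"constructed-hwuid-0001"              # constructed sample value
    secret_factor = b"constructed-secret-factor"   # constructed sample value
    urk = derive_user_root_key(b"1234", salt, hwuid, secret_factor)
    other = derive_user_root_key(b"1234", salt, b"constructed-hwuid-0002",
                                 secret_factor)
    print("UserRootKey:", urk.hex())
    print("Key3:       ", derive_key3(urk, salt).hex())
    print("same PIN on another device yields same key:",
          hmac.compare_digest(urk, other))
```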

Description

Technical field

[0001] The invention relates to the field of information security, in particular to a method for generating a root key in a secure trusted execution environment.

Background

[0002] A Secure Element, referred to as SE, is usually provided in the form of a chip. To prevent external malicious analysis attacks and protect data security, the chip contains encryption/decryption logic circuits.

[0003] TEE is the abbreviation of Trusted Execution Environment. Current trusted execution environments are mainly built on the secure area of the processor in a smart terminal (such as a smartphone). The TEE is an independent execution area that provides security properties such as isolation and TA integrity, and it also ensures the security of the code and data loaded into it. Traditional TEE technologies include ARM's TrustZone. The GP organiza...


Application Information

IPC(8): H04L9/08
CPC: H04L9/0869
Inventor: 刘涛韩鹏王艳伟
Owner: BEIJING BEANPOD TECH CO LTD