Key storage method, device and server

A key storage technology involving a key server, applied in the field of key storage methods, devices and servers. It addresses the low computing performance, poor scalability and inability to share data of existing approaches, and achieves the effect of enhancing the security of key storage and improving the security of the stored key.

Active Publication Date: 2019-11-08
BEIJING NOVEL SUPER DIGITAL TV TECH

AI Technical Summary

Problems solved by technology

Because dedicated hardware devices (such as an encryption machine) suffer from poor scalability, cannot be dynamically adjusted, cannot share data and have low computing performance, flexible deployment on general-purpose devices (such as cloud service hosts) has become a good choice.
[0004] However, flexibly deployed general-purpose equipment exposes the root key to malicious impersonation, forgery, tampering and other illegal attacks during storage, which again reduces the security of the root key.


Examples


Embodiment 1

[0047] Figure 1B is a flow chart of a key storage method in Embodiment 1 of the present invention. The embodiment is applicable to the case where a key is stored securely in a shareable business security server. The method is executed by a key storage device, which is implemented in software and/or hardware and is specifically configured in a business security server.

[0048] As shown in Figure 1B, a key storage method applied to a business security server includes:

[0049] S110. Receive the key to be stored sent by the key server.

[0050] Wherein, the key to be stored may be key information with certain security risks, such as a root key.

[0051] In this step, the key to be stored is generated by the key server and sent to the service security server. Correspondingly, the service security server receives the key to be stored.

[0052] It should be noted that, in order to enhance the security of data transmission between the key server and ...

Embodiment 2

[0067] Figure 2 is a flow chart of a key storage method in Embodiment 2 of the present invention. This embodiment is optimized and improved on the basis of the technical solutions of the foregoing embodiments.

[0068] Further, before the operation "receive the key to be stored sent by the key server", the following is added: "generate an authentication key in the trusted execution environment, and use the shared key of the business security server and the key server to generate a message authentication code corresponding to the authentication key; send the authentication key and the message authentication code to the key server, so that the key server verifies, based on the shared key, whether the message authentication code is credible and, when it is verified as credible, feeds back the key to be stored based on the authentication key"; correspondingly, the operation "receiving the key to be stored sent by the key server" is refined into "receiving the sto...
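The authentication exchange of Embodiment 2, sketched as an added example (not code from the patent or its applicant). HMAC-SHA256, the random byte strings standing in for the shared key and the TEE-generated authentication key, and the key server's replay check are assumptions of this example; the page names none of them.

```python
import hashlib
import hmac
import secrets


def bss_build_request(shared_key: bytes) -> tuple:
    """Business security server: make an authentication key and MAC it."""
    # Constructed stand-in: in the patent this key is generated inside the TEE.
    auth_key = secrets.token_bytes(32)
    mac = hmac.new(shared_key, auth_key, hashlib.sha256).digest()
    return auth_key, mac


class KeyServer:
    def __init__(self, shared_key: bytes):
        self._shared_key = shared_key
        # Assumption, not on the page: remember accepted authentication keys
        # so a captured (auth_key, mac) pair cannot be presented a second time.
        self._seen = set()

    def handle(self, auth_key: bytes, mac: bytes) -> str:
        expected = hmac.new(self._shared_key, auth_key, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, mac):  # constant-time comparison
            return "rejected: MAC not credible"
        if auth_key in self._seen:
            return "rejected: replayed request"
        self._seen.add(auth_key)
        # The page says the key is "fed back based on the authentication key";
        # how it is protected in transit is cut off there, so it is not modelled.
        return "released"


def run_exchange() -> dict:
    shared = secrets.token_bytes(32)           # constructed shared key
    server = KeyServer(shared)
    auth_key, mac = bss_build_request(shared)
    substituted = secrets.token_bytes(32)      # a different key under the old MAC
    other_party = bss_build_request(secrets.token_bytes(32))
    return {
        "substituted": server.handle(substituted, mac),
        "honest": server.handle(auth_key, mac),
        "replay": server.handle(auth_key, mac),
        "wrong_shared_key": server.handle(*other_party),
    }


if __name__ == "__main__":
    for case, outcome in run_exchange().items():
        print(f"{case}: {outcome}")
```

The MAC only proves that the authentication key came from a holder of the shared key, so the key server releases nothing for a substituted key or for a sender using a different shared key.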

Embodiment 3

[0083] Figure 3 is a flow chart of a key storage method in Embodiment 3 of the present invention. This embodiment is applicable to the case where a key is stored securely in a shareable business security server. The method is executed by a key storage device, which is implemented in software and/or hardware and is specifically configured in the key server.

[0084] As shown in Figure 3, a key storage method applied to a key server includes:

[0085] S310. Generate a key to be stored.

[0086] Wherein, the key to be stored may be key information with certain security risks, such as a root key.

[0087] In this step, the key server generates a key to be stored according to its own key generation mechanism and sends it to the business security server. Correspondingly, the service security server receives the key to be stored.

[0088] S320. Send the key to be stored to the service security server, so that the service security server...


Abstract

The embodiments of the invention disclose a key storage method, a key storage device and a server. The method comprises the following steps: receiving a key to be stored sent by a key server; in the trusted execution environment, creating a secure storage key according to the module recognition information of the configured trusted execution module and the parameter information of the trusted computing base that bears the trusted execution module; and, in the trusted execution environment, encrypting the key to be stored with the secure storage key and storing the encrypted key. In this technical scheme, a secure storage key that is visible only to the system during trusted operation is generated in the trusted execution environment from the module recognition information and the trusted computing base parameter information, which enhances the security of the secure storage key. Using the secure storage key to store the key to be stored inside the trusted execution environment isolates code and data, enhances the security of key storage, and in turn improves the security of the stored key.
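The storage step in the abstract, as an added example (not code from the patent): a secure storage key is derived from the module recognition information and the trusted computing base parameters, and the key to be stored is sealed under it. `DEVICE_SECRET`, the identifier strings and the HMAC-based stand-in cipher are assumptions of this example; a deployment would use the TEE's own key-derivation instruction and an AEAD such as AES-GCM.

```python
import hashlib
import hmac
import secrets

# Assumption: a secret only the TEE hardware can read. The page names only the
# two identity inputs; without a hidden secret anyone could recompute the key.
DEVICE_SECRET = secrets.token_bytes(32)


def storage_key(module_id: bytes, tcb_params: bytes) -> bytes:
    """Derive the secure storage key from module identity and TCB parameters."""
    # Length-prefix each field so (b"ab", b"c") and (b"a", b"bc") differ.
    info = b"".join(len(f).to_bytes(2, "big") + f for f in (module_id, tcb_params))
    return hmac.new(DEVICE_SECRET, info, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, n: int) -> bytes:
    # Stand-in cipher for a stdlib-only example: HMAC-SHA256 in counter mode.
    out = b""
    for i in range((n + 31) // 32):
        block_input = b"enc" + nonce + i.to_bytes(4, "big")
        out += hmac.new(key, block_input, hashlib.sha256).digest()
    return out[:n]


def seal(key_to_store: bytes, module_id: bytes, tcb_params: bytes) -> bytes:
    """Encrypt-then-MAC the key to be stored under the derived storage key."""
    k = storage_key(module_id, tcb_params)
    nonce = secrets.token_bytes(16)
    stream = _keystream(k, nonce, len(key_to_store))
    ct = bytes(a ^ b for a, b in zip(key_to_store, stream))
    tag = hmac.new(k, b"mac" + nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unseal(blob: bytes, module_id: bytes, tcb_params: bytes):
    """Return the stored key, or None if identity, TCB level or blob differ."""
    k = storage_key(module_id, tcb_params)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(k, b"mac" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(k, nonce, len(ct))))
```

Because the key is recomputed from the caller's identity on every unseal, a blob copied to a different module or to a platform with different trusted computing base parameters fails the tag check and yields nothing.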

Description

Technical field

[0001] The embodiments of the present invention relate to the field of computer technology, and in particular, to a key storage method, device and server.

Background technique

[0002] With the advent of the digital age, data security is even more important. In order to take into account the security and sharing of data, a key is usually used to perform encryption and decryption operations or security verification on data. Since the key (especially the seed that generates other keys - the root key) is fixed within a certain period of time or its life cycle, the security of the key is particularly important.

[0003] In order to prevent the root key from various malicious attacks and effectively ensure the security of the root key, the prior art usually stores the root key on an independent dedicated hardware device (such as an encryption machine). Due to the shortcomings of these hardware devices such as poor scalability, inability to dynamically adjust, ina...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L9/08, H04L29/06
CPC: H04L9/0894, H04L9/088, H04L9/0822, H04L63/06
Inventor: 郭永伟, 李选庆, 张晶
Owner: BEIJING NOVEL SUPER DIGITAL TV TECH