Android environment secret key segmentation processing method and device

A key processing method and technology applied in key distribution. It addresses the problems of high development cost, limited security application, and the inability to adapt to mobile phones at the same time, and achieves the effect of increasing security and facilitating promotion.

Active Publication Date: 2020-07-10
JIANGSU HENGBAO INTELLIGENT SYST TECH CO LTD

AI Technical Summary

Problems solved by technology

[0003] For the Android system, although the current mainstream mobile phones launched by mobile phone manufacturers include a TEE system and an SE, which can run TA applications and install applets, the mobile phones in third- and fourth-tier cities and remote areas are relatively low-end, and most of the mobile phones are in the thousands. Due to cost issues, they do not include a TEE environment or an SE and cannot store keys. Because only a limited range of mobile phone models is supported, mobile phone security applications cannot be widely promoted.
[0004] In addition, for the Android system, because mobile phone brands differ and use different CPU chip models, the TEE system and SE they use also differ. For example, Huawei uses its own TEE environment, and Qualcomm also has its own TEE environment. A TA application cannot be adapted to mobile phones with Huawei Kirin chips and Qualcomm chips at the same time. Mobile phone security applications are therefore limited by mobile phone brand and mobile phone chip; the development cost is high and they cannot be widely promoted.

Examples


Embodiment 1

[0040] Embodiment 1 of the present application provides a method for segmented storage of keys in an Android environment, as shown in Figure 1, including:

[0041] Step 110, input the initial key into the white-box key module to generate a table, and use the table as the target storage key;

[0042] In the embodiment of this application, the white-box key module uses white-box encryption calculation to encrypt the input initial key pkey and generate a table, and this table is used as the target storage key;

[0043] Since the correct initial key cannot be decrypted from the encryption and decryption key of the white-box encryption and decryption algorithm, this application uses white-box encryption and decryption calculation as a more secure encryption and decryption algorithm to increase the security of key storage.

[0044] Step 120, generating a key calculation factor according to the unique device identifier of the current device;

[0045] Since ea...

Embodiment 2

[0064] Embodiment 2 of the present application provides an Android environment key segment extraction method, as shown in Figure 2, including:

[0065] Step 210, obtain the segmented subkeys from the so libraries, and assemble the segmented subkeys into a ciphertext;

[0066] Specifically, when key extraction is required, in response to receiving the key extraction instruction, the call interface sends a key extraction instruction to the function so library, and the function so library extracts the corresponding stored segment subkeys from the segmented key storage so libraries. For example, after the libmainFunc.so library receives the key extraction instruction from the Android device, it extracts the corresponding stored segment subkeys from the libsecurity1.so library, libsecurity2.so library, and libsecurity3.so library respectively. It then determines the order of assembly according to the segment identification (i.e. the first byte of the data storage format) of each segment subkey, and then asse...

Embodiment 3

[0075] Embodiment 3 of the present application provides an Android environment key segmentation processing device, including:

[0076] The key segmentation storage module executes the Android environment key segmentation storage method as described in Embodiment 1;

[0077] The key segmentation extraction module executes the Android environment key segmentation extraction method as described in Embodiment 2.

[0078] Adopting the technical scheme of the present application can achieve the following effects:

[0079] 1. It saves development costs and does not distinguish between mobile phone manufacturers or the chip models used; the pure Android environment key segment storage scheme can be used universally on all Android system mobile phones, which is conducive to the promotion of security-related applications;

[0080] 2. There is no need for a TEE environment. On the basis of relatively ensuring data security, keys can be used to process sensitive data on low-end mobile phones, whi...


Abstract

The invention discloses an Android environment secret key segmentation processing method and device. The processing method comprises secret key storage and secret key extraction. The secret key storage comprises: inputting an initial secret key into a white box secret key module to generate a target storage secret key; generating a key operation factor according to the equipment unique identifier; and generating a to-be-segmented key according to the target storage key and the key operation factor, executing a segmentation operation, and storing the segmented sub-keys to the corresponding so libraries. The key extraction comprises: obtaining the segmented sub-keys from the so libraries and assembling them into a ciphertext; decrypting the assembled ciphertext by using the key operation factor, and decomposing the decryption result into a key and a key hash value; and, if the calculated hash value of the secret key is consistent with the decomposed hash value of the secret key, inputting the secret key into the white box secret key module to be decrypted to obtain the initial secret key, whereupon secret key extraction succeeds. According to the method and the device, the key data is protected by adopting a strategy of storing the keys in sections across multiple so libraries, so that the method and the device are suitable for all Android system equipment and are beneficial to popularization of security applications.
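The storage and extraction flow in the abstract, as an added Python sketch that is not code from the patent. Assumptions: SHA-256 serves as both the key hash and the factor derivation, an XOR keystream stands in for the cipher the page does not name, the white-box table is treated as opaque bytes, a list stands in for the separate so libraries, and all function names are hypothetical.

```python
import hashlib
import hmac

HASH_LEN = 32  # SHA-256 digest size (assumed hash; the page names none)

def key_factor(device_id: bytes) -> bytes:
    """Key operation factor derived from the device's unique identifier."""
    return hashlib.sha256(b"factor|" + device_id).digest()

def _xor_stream(factor: bytes, data: bytes) -> bytes:
    """Stand-in cipher: XOR with a SHA-256 counter keystream (same call decrypts)."""
    stream = b"".join(hashlib.sha256(factor + i.to_bytes(4, "big")).digest()
                      for i in range(len(data) // HASH_LEN + 1))
    return bytes(a ^ b for a, b in zip(data, stream))

def store(target_key: bytes, device_id: bytes, parts: int = 3) -> list[bytes]:
    """Append the key hash, encrypt with the factor, split into tagged segments."""
    blob = _xor_stream(key_factor(device_id),
                       target_key + hashlib.sha256(target_key).digest())
    size = -(-len(blob) // parts)  # ceiling division
    # The first byte of each segment is its segment identification (as on the page).
    return [bytes([i]) + blob[i * size:(i + 1) * size] for i in range(parts)]

def extract(segments: list[bytes], device_id: bytes) -> bytes:
    """Reassemble by segment id, decrypt, and verify the embedded key hash."""
    ordered = sorted(segments, key=lambda s: s[0])
    if [s[0] for s in ordered] != list(range(len(ordered))):
        raise ValueError("segment ids are not contiguous from 0")
    plain = _xor_stream(key_factor(device_id), b"".join(s[1:] for s in ordered))
    key, digest = plain[:-HASH_LEN], plain[-HASH_LEN:]
    if not hmac.compare_digest(hashlib.sha256(key).digest(), digest):
        raise ValueError("key hash mismatch")
    return key  # would now go to the white-box module to recover the initial key

if __name__ == "__main__":
    table = bytes(range(48))  # constructed stand-in for the white-box table
    segs = store(table, b"device-A")  # constructed device identifier
    print(extract(segs[::-1], b"device-A") == table)  # order restored from ids
```

Because the factor comes from an identifier that software on the same device can read, the hash check detects a wrong device or altered segments but is not a substitute for a hardware-isolated secret.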

Description

Technical field

[0001] The present application relates to the technical field of key storage, in particular to a method and device for segmenting keys in an Android environment.

Background technique

[0002] For the Android mobile phone system, key storage in the mobile phone is currently done through TEE and SE. A TA is used as the application of the TEE, and the key data is stored in the TA, located in the TEE. The TEE is isolated from the REE (such as the Android system), and multiple TAs run in parallel in the TEE without interfering with each other and are isolated from each other. This ensures the security of the key stored by the TA and of the data generated in the intermediate process. SE needs the support of secure hardware in the mobile phone, and the key can be stored in the applet of the SE.

[0003] For the Android system, although the current mainstream mobile phones launched by mobile phone manufacturers include TEE system and SE, which can run TA applications and install applets, the mobi...


Application Information

Patent Type & Authority: Applications (China)
IPC(8): H04L9/08, H04L9/06
CPC: H04L9/0866, H04L9/0869, H04L9/0625, H04L9/0637, H04L9/0643, H04L2209/16, Y04S40/20
Inventor: 李江培, 郑涛
Owner: JIANGSU HENGBAO INTELLIGENT SYST TECH CO LTD