Encryption method and device for special password of terminal equipment

Abstract

The invention discloses a special password encryption method and device for terminal equipment, and the method comprises the steps that: a password operation instruction is transmitted to a TEE client when the terminal equipment detects the password operation instruction of an application layer; the TEE client sends the password operation instruction to a trusted application TA used for processing the password operation instruction in a TEE system; and the TA analyzes the password operation instruction, executes the password operation instruction by calling a corresponding algorithm in a special password algorithm library in the TEE system according to an analysis result, and feeds back an execution result to the application layer through the TEE client. By applying the technical scheme disclosed by the invention, the calling security of the special cryptographic algorithm is ensured by utilizing the TEE system, and the implementation cost can be reduced, the power consumption can be reduced and the overall performance of the terminal equipment can be improved on the premise of ensuring the security strength by utilizing the special cryptographic algorithm.

Description

technical field [0001] The present application relates to the technical field of information security, and in particular to a dedicated password encryption method and device for terminal equipment. Background technique [0002] At present, in order to meet the needs of some customers with high information security requirements, many terminal devices use a dedicated password encryption method, which is approved by a third-party authority to ensure the strength of terminal information security. [0003] In order to ensure the security of the encryption method, the encryption method of the existing special password is usually implemented by adding hardware modules. Specifically, the encryption method of the dedicated password is preset in a dedicated password hardware module (such as TF password card, simkey, film card, etc.), and the password hardware module adapts the terminal driver and integrates the password service provided by the password card manufacturer Provide the a...

AI Technical Summary

Problems solved by technology

The password cards in the industry usually cost several hundred yuan, which is a very high cost increase compared with most mobile terminals.

[0006] 2. The introduction of the cryptographic hardware module requires terminal equipment to supply power for it, which will greatly increase the power consumption of the terminal, especially the external cryptographic hardware module

Since terminal equipment using cryptographic hardware modules is usually used for mobile office of industry customers, these customers have high requirements for the sustainable use time of terminal equipment, and the above-mentioned increase in power consumption will lead to a significant decrease in the sustainable use time of the terminal, thus Unable to meet the needs of the above-mentioned long continuous use time

[0007] 3. The existing cryptographic hardware modules, no matter what form they are implemented in, generally have very low chip computing power and small operating memory. In this way, the limited computing power will lead to low processing efficiency of the cryptographic hardware modules, and often It becomes the performance bottleneck of the entire service, and cannot meet some services with high performance requirements, such as video services, etc.

Images