Key exchange acceleration method for establishing trusted execution environment security level

An execution environment and key exchange technology, applied to public keys for secure communication, secure communication devices, and key distribution. It can solve the problems of slow public key exchange, high CPU overhead, and insufficient timeliness, and achieve fast one-to-many, to achieve the effect of flow control and avoid leakage.

Pending Publication Date: 2022-07-29
NANJING UNIV OF POSTS & TELECOMM

AI Technical Summary

Problems solved by technology

[0003] In the existing traditional public key distribution technology, to ensure that key exchange is established at the TEE (Trusted Execution Environment) level, the key management module is designed inside the trusted execution environment, and port communication between the rich environment and the trusted execution environment is used to complete the ECDH process. As shown in Figure 1, when communication is established, the REE (Rich Environment) and the TEE (Trusted Execution Environment) communicate 5 times, and the key management modules of both parties generate public-private key pairs and calculate the session key SK of both parties, a total of 4 real-time calculations. Generating the public and private keys in real time in ECDH results in huge CPU overhead, and there are too many interactions between the rich environment and the trusted execution environment, which greatly reduces the amount of CPU real-time calculations. The public key exchange between the two communicating parties is slow and not timely enough.

Embodiment Construction

[0024] The technical solutions of the present invention will be further described in detail below with reference to the accompanying drawings.

[0025] Compared with the traditional process of Figure 1, the exchange process provided by this embodiment is shown in Figure 2. The specific work consists of two parts, and the process is as follows:

[0026] (1) The key generation part

[0027] The key management module is connected to the public key storage pool, and writes the generated key into the public key storage pool. Each key corresponds to a unique key number, corresponding to its specific location in a public key storage pool. The key generation frequency can be flexibly set according to needs, and can be switched on demand, which can meet the needs of high-speed public key distribution, and the decryption terminal can quickly query the private key according to the number for decryption.

[0028] The public key storage pool module is connected to the key...

Abstract

A key exchange acceleration method for establishing a trusted execution environment security level comprises a key management module, a public key storage pool and a key monitoring module, and the key management module is used for generating a key required by communication and managing and calculating a session key. The public key storage pool module is established in a rich environment REE, and the key monitoring module is used for controlling the key generation speed and making mode selection. By calculating the relationship between the key use speed and the key storage capacity and adaptively selecting the key generation mode, the use of the key is not influenced by the communication performance, the generation operation can be carried out at the optimal speed, the communication speed is greatly improved, and the key generation becomes the bottleneck problem influencing the communication time.
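The numbered key pool of paragraph [0027] and the monitor's mode selection described in the abstract, sketched as an added example (not code from the patent). Assumptions: a toy modular Diffie-Hellman stands in for ECDH so the block needs only the standard library, and the names `KeyManager` and `choose_mode`, the mode names, the quarter-full threshold and single-use key numbers are hypothetical.

```python
import hashlib
import secrets

# Stand-in group (assumption): toy modular Diffie-Hellman in place of the
# page's ECDH so the block runs on the standard library. Not for production.
P = 2**255 - 19
G = 2

class KeyManager:
    """TEE side: owns private keys; only public keys reach the REE pool."""
    def __init__(self, capacity):
        self.capacity = capacity
        self._private = {}     # key number -> private key, never exported
        self.public_pool = {}  # key number -> public key (REE-visible)
        self._next = 0         # next unused key number

    def generate(self, count):
        """Pre-generate key pairs ahead of demand, up to pool capacity."""
        made = 0
        while made < count and len(self.public_pool) < self.capacity:
            priv = secrets.randbelow(P - 3) + 2
            self._private[self._next] = priv
            self.public_pool[self._next] = pow(G, priv, P)
            self._next += 1
            made += 1
        return made

    def take_public(self):
        """REE side: issue one pooled public key and its number, no TEE call."""
        number = min(self.public_pool)  # raises ValueError if the pool is empty
        return number, self.public_pool.pop(number)

    def session_key(self, number, peer_public):
        """Find the private key by number, derive SK, then destroy the key."""
        if not 1 < peer_public < P - 1:
            raise ValueError("degenerate peer public value")
        priv = self._private.pop(number, None)  # single use (assumption)
        if priv is None:
            raise KeyError(f"key number {number} unknown or already used")
        shared = pow(peer_public, priv, P)
        return hashlib.sha256(shared.to_bytes(32, "big")).digest()

def choose_mode(stock, capacity, use_rate, gen_rate):
    """Key monitor: pick a generation mode from use speed versus pool stock."""
    if stock >= capacity:
        return "paused"
    if use_rate > gen_rate or stock < capacity // 4:
        return "burst"
    return "normal"
```

In a deployment the private-key map would live inside the TEE and the public pool in REE memory; both sit in one object here only to keep the example short.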

Description

Technical field

[0001] The invention belongs to the technical field of computer and information security, and relates to a method capable of establishing TEE-level key exchange and accelerating key distribution and exchange.

Background technique

[0002] With the rapid development of cloud computing technology and Internet of Things technology, people are gradually moving towards an intelligent world where everything is connected. The number of applications that have strong requirements for data privacy protection, such as Internet finance and mobile payment, has shown an explosive growth, which poses severe challenges to cryptographic algorithms, especially public key cryptographic algorithms with high computational complexity. On the service side represented by cloud computing technology, it needs to face the massive data generated by hundreds of millions of users, and the server side needs to complete the identity authentication and data protection of these users within a...

Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L9/30, H04L9/40, H04L9/08, H04L9/32
CPC: H04L9/30, H04L63/061, H04L9/0894, H04L9/3268, H04L9/3247, H04L9/0891
Inventor: 向奕儒, 张伟, 董建阔, 陈云芳
Owner: NANJING UNIV OF POSTS & TELECOMM