Method and system for realizing soft cipher module, storage medium and terminal

A technology for cryptographic modules and cryptographic services, applied to the implementation of soft cryptographic modules, that addresses problems such as key storage and meets confidentiality and integrity requirements.

Pending Publication Date: 2022-08-05
北京安御道合科技有限公司

AI Technical Summary

Problems solved by technology

[0007] The second problem is the storage of the key.


Examples


Embodiment 1

[0065] As shown in Figure 1, the method for implementing a soft cryptographic module provided by the embodiment of the present invention includes the following steps:

[0066] S101, using a random number generating unit to manage the entropy source and generate random numbers;

[0067] S102, using the key management unit to generate a key pair, derive a KEK from the PIN code with a key derivation function (KDF), securely store CSPs such as working keys, and perform MAC verification of the PSPs;

[0068] S103, using the SSL communication unit to establish a secure SSL communication channel with the security service platform and obtain multiple working keys from the security service platform;

[0069] S104, using a cryptographic service unit to provide cryptographic data encryption and decryption, MAC calculation, signature verification and entity authentication services.

Embodiment 2

[0071] As shown in Figure 2, the system for realizing the soft cryptographic module provided by the present invention includes:

[0072] Random number generation unit 1, for managing the entropy source and generating random numbers;

[0073] The key management unit 2, for deriving the KEK from the PIN code and securely storing the CSP and the PSP;

[0074] The SSL communication unit 3 is used to establish an SSL security channel with the security service platform, and obtain the working key from the security service platform;

[0075] The cryptographic service unit 4 is used to provide entity authentication, data encryption and decryption, signature verification and MAC calculation services.

[0076] Figure 3 shows the system principle for implementing the soft cryptographic module provided by the embodiment of the present invention.

Embodiment 3

[0078] The method for implementing a soft cryptographic module provided by the embodiment of the present invention includes the following: the random number generating unit generates a random number and a public-private key pair; a working key is obtained from the security service platform through the SSL communication unit; and the key management unit uses the PIN code and a salt value (a random number generated by the random number generation unit) to derive the private key protection key and the HMAC key respectively. The former is used to encrypt critical security parameters (CSP) such as the working key, private key and random number to ensure their confidentiality; the latter is used to perform MAC verification on public security parameters (PSP) such as the public key, salt value and threshold of the deterministic random bit generator (DRNG) to ensure their integrity. The cryptographic service unit decrypts and obtains the working key to provide cryptographic services for the application, and then destroy...
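The key split described in Embodiment 3, as an added example that is not code from the patent: a PIN and salt yield two independent keys, and the HMAC key protects the PSP set against modification. The KDF (PBKDF2-HMAC-SHA256), the iteration count, the derivation labels, the PSP field names and the length-prefixed encoding are all assumptions; encrypting the CSPs under the KEK is left out because it needs a block cipher outside the Python standard library.

```python
import hashlib
import hmac
import secrets

KDF_ITERATIONS = 200_000  # assumed work factor; the page does not give one

def derive_keys(pin: str, salt: bytes) -> tuple[bytes, bytes]:
    """Derive (KEK, HMAC key) from PIN + salt. PBKDF2 is an assumed KDF."""
    master = hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, KDF_ITERATIONS, dklen=32)
    # Distinct labels (hypothetical) keep the two keys independent of each other.
    kek = hmac.new(master, b"csp-encryption", hashlib.sha256).digest()
    mac_key = hmac.new(master, b"psp-integrity", hashlib.sha256).digest()
    return kek, mac_key

def encode_psp(psp: dict[str, bytes]) -> bytes:
    """Length-prefix every name and value so field boundaries cannot shift."""
    out = bytearray()
    for name in sorted(psp):
        for part in (name.encode(), psp[name]):
            out += len(part).to_bytes(4, "big") + part
    return bytes(out)

def seal_psp(mac_key: bytes, psp: dict[str, bytes]) -> bytes:
    return hmac.new(mac_key, encode_psp(psp), hashlib.sha256).digest()

def verify_psp(mac_key: bytes, psp: dict[str, bytes], tag: bytes) -> bool:
    # Constant-time comparison avoids leaking how many tag bytes matched.
    return hmac.compare_digest(seal_psp(mac_key, psp), tag)

def demo() -> dict[str, bool]:
    salt = secrets.token_bytes(16)  # salt comes from the random number unit
    # Constructed PSP values: public key, salt and DRNG threshold.
    psp = {"public_key": b"constructed-public-key", "salt": salt,
           "drng_threshold": (1024).to_bytes(4, "big")}
    kek, mac_key = derive_keys("246810", salt)
    tag = seal_psp(mac_key, psp)
    tampered = dict(psp, drng_threshold=b"\x7f\xff\xff\xff")
    _, wrong_pin_key = derive_keys("000000", salt)
    return {
        "keys_differ": kek != mac_key,
        "intact": verify_psp(mac_key, psp, tag),
        "tampered": verify_psp(mac_key, tampered, tag),
        "wrong_pin": verify_psp(wrong_pin_key, psp, tag),
    }

if __name__ == "__main__":
    print(demo())
```

A failed PSP check cannot distinguish a wrong PIN from modified parameters, so a caller should treat both as a refusal to load the module's keys.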


Abstract

The invention belongs to the technical field of cryptography, and discloses a method and system for implementing a soft cryptographic module, a storage medium and a terminal. The method for implementing the soft cryptographic module comprises the following steps: entropy source management and random number generation are performed by a random number generation unit; the key management unit is used to generate a key pair, derive a KEK from the PIN code with a key derivation function (KDF), securely store the working key and other CSPs, and perform MAC verification of the PSPs; the SSL communication unit is used to establish an SSL secure channel with a security service platform and acquire various working keys from the security service platform; and the cryptographic service unit is used to provide data encryption and decryption, MAC calculation, signature verification and entity authentication services. Aiming at two core problems faced by a soft cryptographic module, the invention provides a method for implementing the soft cryptographic module and an SDK (Software Development Kit), and particularly relates to the selection of a random number entropy source, the generation of random numbers, the secure storage of keys, cryptographic services and the like.

Description

Technical field

[0001] The invention belongs to the technical field of cryptography, and in particular relates to a method, a system, a storage medium and a terminal for implementing a soft cryptographic module.

Background art

[0002] At present, from the long-term perspective of security strategy, relevant agencies and departments have proposed promoting the national cryptographic algorithms and strengthening the construction of network security, and are vigorously developing the government cloud. Cryptographic algorithms are the core technology for ensuring information security. Especially in the era of big data, with the need to protect computers and government cloud security systems, the demand for cryptographic applications is increasing, and data needs cryptographic protection to prevent unauthorized access. Cryptography can realize security services such as entity authentication and non-repudiation, but the security and reliability of cryptography directly depend on the secure ...


Application Information

Patent Type & Authority: Applications (China)
IPC: IPC(8): H04L9/08
CPC: H04L9/0869, H04L9/0819
Inventor 刘亚枫李永明王新树邓鹏白婧石宝臣
Owner 北京安御道合科技有限公司