Key secure storage method, information processing method, terminal device, and electronic device
By employing a distributed key generation and storage scheme in the terminal device, private key fragments are stored separately in the TEE and REE. By utilizing threshold cryptography, the trust dependency problem of the terminal device on a single closed-source TEE is solved, thereby improving the security of key storage and use without increasing hardware costs.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- ZHEJIANG LINGAI FUTURE TECHNOLOGY CO LTD
- Filing Date
- 2026-06-01
- Publication Date
- 2026-07-14
AI Technical Summary
Currently, when terminal devices use TEE, it is difficult to fully trust the security of closed-source TEE, and deploying HSM will increase hardware costs. How can we reduce the reliance on a single closed-source TEE and improve the security of key storage and use without increasing hardware costs?
A distributed key generation and storage scheme is adopted, in which private key fragments are stored in a Trusted Execution Environment (TEE) and a Rich Execution Environment (REE) respectively. Threshold cryptography is used to realize the distributed generation and fragmented storage of private keys. Asymmetric key pairs are generated centrally by the host computer and the private key is split. The private key fragments and the corresponding public key fragments are written into the REE and TEE respectively.
Without increasing hardware costs, this approach reduces reliance on a single closed-source TEE, improves the security of key storage and usage, avoids the risk of private key leakage due to a breach of a single environment, and maintains the high performance and low cost advantages of TEE.
Smart Images

Figure CN122394793A_ABST
Abstract
Description
Technical Field
[0001] This application relates to the field of key storage technology, specifically to key secure storage methods, information processing methods, terminal devices, and electronic devices. Background Technology
[0002] With the increasing demand for information security and the localization of cryptographic algorithms, terminal devices are facing increasingly stringent security requirements for key storage and computation. Currently, mainstream security solutions rely on trusted execution environments (TEEs) built on hardware isolation technology to store and process sensitive private keys, providing high levels of security without additional hardware costs. However, commercial TEEs are mostly closed-source implementations, and their internal underlying code and firmware policies are a "black box" for device manufacturers, posing potential unknown vulnerabilities or reserved backdoor risks. Although open-source TEE code is transparent and auditable, and hardware security modules (HSMs) can provide even higher levels of security, the former is limited by specific hardware platforms and is difficult to port to existing widely deployed closed-source chip platforms, while the latter faces significant obstacles such as increased hardware costs and long development and adaptation cycles.
[0003] Therefore, current terminal devices face the dilemma of needing to use TEEs but finding it difficult to fully trust them. How to reduce reliance on a single closed-source TEE and improve the security of key storage and use without increasing hardware costs and maintaining the existing TEE architecture has become an urgent technical problem to be solved. Summary of the Invention
[0004] This application provides a key secure storage method, an information processing method, a terminal device, and an electronic device, aiming to solve the problem of how to reduce the trust dependence on a single closed-source TEE and improve the security of key storage and use without increasing hardware costs and maintaining the existing TEE architecture.
[0005] Firstly, a secure key storage method is provided, applied to a target terminal device, the target terminal device including a trusted execution environment and a rich execution environment, the secure key storage method comprising: The rich execution environment randomly generates a first private key fragment, generates a first public key fragment corresponding to the first private key fragment, and sends the first public key fragment to the trusted execution environment. The trusted execution environment randomly generates a second private key fragment, generates a second public key fragment corresponding to the second private key fragment, generates a target public key based on the first public key fragment and the second public key fragment, stores the second private key fragment, the second public key fragment and the target public key, and sends the target public key and the second public key fragment to the trusted execution environment. The rich execution environment generates a target public key based on the first public key fragment and the second public key fragment, and in response to the generated target public key being the same as the received target public key, stores the first private key fragment, the first public key fragment, and the target public key.
[0006] In some embodiments, the rich execution environment randomly generates the first private key fragment, including: Randomly generate a first secret value, and generate a first private key fragment based on the first secret value; The trusted execution environment randomly generates a second private key fragment, including: A second secret value is randomly generated, and a second private key fragment is generated based on the second secret value.
[0007] Secondly, a secure key storage method is provided, applied to a host computer connected to a target terminal device. The target terminal device includes a trusted execution environment and a rich execution environment. The secure key storage method includes: Randomly generate an asymmetric key pair, which includes a target private key and a target public key; Using a preset key splitting algorithm, the target private key is split into a first private key fragment and a second private key fragment; Generate a first public key fragment corresponding to the first private key fragment based on the first private key fragment, and generate a second public key fragment corresponding to the second private key fragment based on the second private key fragment; The first private key fragment, the first public key fragment, and the target public key are written into a rich execution environment for storage, and the second private key fragment, the second public key fragment, and the target public key are written into a trusted execution environment for storage.
[0008] Thirdly, an information processing method is provided, applied to a target terminal device, the target terminal device including a trusted execution environment and a rich execution environment, the rich execution environment storing a first private key fragment, and the trusted execution environment storing a second private key fragment; the first private key fragment and the second private key fragment are stored using a key security storage method as described in the first or second aspect; the information processing method includes: The rich execution environment sends a message processing request to the trusted execution environment. The message processing request includes target data to be processed in a specified manner, which may include signature processing or decryption processing. The trusted execution environment uses the second private key fragment to perform specified processing on the target data according to the information processing request, obtains the first processing result, and sends the first processing result to the rich execution environment; The rich execution environment uses the first private key fragment to perform specified processing on the target data, obtains the second processing result, and merges the first processing result and the second processing result to obtain the target result.
[0009] In some embodiments, the specified processing is signature processing, the first processing result is a first signature fragment, the second processing result is a second signature fragment, and the target result is a target signature; the trusted execution environment and the rich execution environment also store a target public key, which is stored using a key security storage method as described in the first or second aspect; the information processing method further includes: The rich execution environment uses the target public key to verify the target signature, and in response to the successful verification of the target signature, determines that the signature generation is complete.
[0010] In some embodiments, the rich execution environment verifies the target signature using the target public key, including: Decrypt the target signature using the target public key to obtain the first hash value; The target data is hashed using a preset hash algorithm to obtain a second hash value; If the first hash value matches the second hash value, then the target signature verification is successful.
[0011] In some embodiments, the specified processing is decryption processing, the first processing result is a first plaintext fragment, the second processing result is a second plaintext fragment, and the target result is the complete plaintext of the target data.
[0012] Fourthly, a terminal device is provided, including a trusted execution environment and a rich execution environment; A rich execution environment is used to randomly generate a first private key fragment, generate a first public key fragment corresponding to the first private key fragment, and send the first public key fragment to the trusted execution environment. A trusted execution environment is used to randomly generate a second private key fragment, generate a second public key fragment corresponding to the second private key fragment, generate a target public key based on the first public key fragment and the second public key fragment, store the second private key fragment, the second public key fragment and the target public key, and send the target public key and the second public key fragment to the rich execution environment. The rich execution environment is also used to generate a target public key based on the first public key fragment and the second public key fragment, and in response to the generated target public key being the same as the received target public key, to store the first private key fragment, the first public key fragment, and the target public key.
[0013] In some embodiments, the rich execution environment is further configured to send an information processing request to the trusted execution environment, the information processing request including target data to be processed in a specified manner, the specified processing including signature processing or decryption processing; The trusted execution environment is also used to perform specified processing on the target data using the second private key fragment according to the information processing request, obtain the first processing result, and send the first processing result to the rich execution environment; The rich execution environment is also used to perform specified processing on the target data using the first private key fragment, obtain the second processing result, and merge the first processing result and the second processing result to obtain the target result.
[0014] Fifthly, an electronic device is provided, including a memory and a processor, wherein a computer program is stored in the memory, and when the computer program is executed by the processor, it implements a key secure storage method as described in any implementation of the second aspect.
[0015] In summary, the embodiments of this application provide a distributed key generation and storage scheme. This scheme is based on a dual-environment collaborative architecture of the target terminal device's internal REE (Rich Execution Environment) and TEE, utilizing threshold cryptography to achieve distributed generation and fragmented storage of private keys. Since a complete private key never exists in a single environment, even if the Trusted Execution Environment (TEE) has backdoors or vulnerabilities due to its closed-source nature, an attacker cannot recover the complete private key by obtaining only a single private key fragment. Therefore, this scheme can reduce the reliance on a single closed-source TEE and improve the security of key storage and use without increasing hardware costs or maintaining the existing TEE architecture.
[0016] This application also provides a centralized key distribution and storage scheme, which offers a secure key injection mechanism adapted to factory environments. Asymmetric key pairs are centrally generated by a host computer, and private key fragments are split. These private key fragments and their corresponding public key fragments are written to the REE and TEE of the target terminal device, respectively. This fragmented storage method ensures that, in actual operation, if any single environment of the target terminal device is compromised, complete control of the private key cannot be obtained. This scheme reduces reliance on a single closed-source TEE and improves the security of key storage and use without increasing hardware costs or maintaining the existing TEE architecture.
[0017] This application embodiment also provides an information processing scheme that, based on the aforementioned fragmented storage architecture, achieves distributed collaborative processing of signature and decryption operations. During processing, the REE and TEE respectively use their respective private key fragments to perform operations on the target data and generate intermediate results, which are then merged by the REE. Since the operation process does not require reconstructing the complete private key, and both environments need to participate in the collaboration, the security risks caused by complete control of a single environment are effectively avoided. This mechanism supports various cryptographic operations such as signature and decryption, ensuring the operational security of the target terminal device when processing sensitive information without increasing hardware overhead, while maintaining the original high performance and low cost advantages of the TEE. Attached Figure Description
[0018] To more clearly illustrate the technical solutions in the embodiments of this application, the accompanying drawings used in the description of the embodiments will be briefly introduced below. Obviously, the accompanying drawings described below are only some embodiments of this application. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.
[0019] Figure 1 This is a schematic diagram of centralized key fragment filling provided in an embodiment of this application; Figure 2 This is a flowchart of a key secure storage method provided in an embodiment of this application; Figure 3 This is another flowchart of the key secure storage method provided in the embodiments of this application; Figure 4 This is a flowchart of an information processing method provided in an embodiment of this application; Figure 5 This is a flowchart of a signature generation method provided in an embodiment of this application; Figure 6 This is a flowchart of a decryption method provided in an embodiment of this application. Detailed Implementation
[0020] The technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this application, and not all embodiments. Based on the embodiments of this application, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this application.
[0021] In the description of this application, it should be understood that the terms "center," "longitudinal," "lateral," "length," "width," "thickness," "upper," "lower," "front," "rear," "left," "right," "vertical," "horizontal," "top," "bottom," "inner," and "outer," etc., indicating orientation or positional relationships based on the orientation or positional relationships shown in the accompanying drawings, are used only for the convenience of describing this application and simplifying the description, and do not indicate or imply that the device or element referred to must have a specific orientation, or be constructed and operated in a specific orientation, and therefore should not be construed as a limitation of this application. Furthermore, the terms "first" and "second" are used for descriptive purposes only and should not be construed as indicating or implying relative importance or implicitly specifying the number of indicated technical features. Thus, features defined with "first" and "second" may explicitly or implicitly include one or more of the stated features. In the description of this application, "a plurality of" means two or more, unless otherwise explicitly specified.
[0022] "A and / or B" includes the following three combinations: A only, B only, and a combination of A and B.
[0023] The use of "applies to" or "configured to" in this application implies open and inclusive language, which does not exclude the applicability to or configuration to devices performing additional tasks or steps. Additionally, the use of "based on" implies openness and inclusivity, because processes, steps, calculations, or other actions "based on" one or more conditions or values may in practice be based on additional conditions or values beyond those stated.
[0024] In this application, the term "exemplary" is used to mean "used as an example, illustration, or description." Any embodiment described as "exemplary" in this application is not necessarily to be construed as being more preferred or advantageous than other embodiments. The following description is provided to enable any person skilled in the art to make and use this application. Details are set forth in the following description for purposes of explanation. It should be understood that those skilled in the art will recognize that this application can be made without using these specific details. In other instances, well-known structures and processes are not described in detail to avoid obscuring the description of this application with unnecessary detail. Therefore, this application is not intended to be limited to the embodiments shown, but is consistent with the broadest scope of the principles and features disclosed in this application.
[0025] With increasing emphasis on information security, the localization of cryptographic algorithms has become a national strategic requirement. In recent years, in key infrastructure sectors such as finance, communications, and the Internet of Vehicles, the country is accelerating the migration of commercial cryptographic algorithms. Domestic cryptographic algorithms, represented by SM2 (ShangMi 2), SM3 (ShangMi 3), and SM4 (ShangMi 4), are gradually replacing international algorithms (such as RSA, ECC, and AES) to build an independent and controllable security system.
[0026] Among them, SM2 is the Chinese national standard for elliptic curve public-key cryptography, an asymmetric encryption algorithm used for digital signatures and key exchange. SM3 is a hash algorithm used for data integrity verification and message authentication code generation. SM4 is a symmetric encryption algorithm used for data encryption and decryption. RSA (Rivest-Shamir-Adleman) is a classic public-key cryptography algorithm based on the large integer factorization problem, widely used for encryption and signatures. ECC (Elliptic Curve Cryptography) is a public-key cryptosystem based on elliptic curve mathematics, which has the advantages of shorter key length and higher computational efficiency compared to RSA. AES (Advanced Encryption Standard) is a block cipher standard, a symmetric encryption algorithm with extremely high security and excellent operating efficiency.
[0027] Currently, keys can be divided into symmetric keys and asymmetric keys. Symmetric keys are used for symmetric encryption, and asymmetric keys are used for asymmetric encryption.
[0028] Symmetric encryption refers to encryption where the same key is used for both encryption and decryption. The advantages of symmetric encryption are its speed, high encryption efficiency, and suitability for handling large amounts of data. The disadvantage is that both parties must securely store the key for normal communication to occur.
[0029] Because symmetric encryption requires both parties to possess a key to complete communication, how can communication occur if two participants (A and B) do not share a key? This is where asymmetric cryptography comes in. In asymmetric cryptography, each person has two keys: a public key and a private key. The public key can be made public, but the private key cannot. There is a relationship between the public and private keys: the public key can be derived from the private key, but the private key cannot be derived from the public key. This relationship is based on a one-way mathematical problem.
[0030] Asymmetric keys have two uses: Encryption / Decryption: A can use B's public key to encrypt the original document and send it to B. B receives the encrypted document and uses their private key to decrypt it, obtaining the original document, thus completing normal communication. Signature Verification: Similar to a paper signature, B says something and signs it with their private key, obtaining a digital signature. Others can verify this signature using B's public key to prove that B said the statement.
[0031] Common asymmetric algorithms include RSA, ECC, and SM2. In practical applications, the storage and use of private keys are the core of a security system; once the private key is leaked, the entire security system collapses. Therefore, how to securely store and use private keys is a critical issue in the field of information security.
[0032] In a computer system, hardware (including the CPU (central processing unit), memory, and secondary storage) is the physical foundation, responsible for executing instructions and storing data. The operating system (such as Windows, Linux, Android, QNX, and iOS) is the core software running on top of the hardware, responsible for managing hardware resources, scheduling tasks, and providing system services. Applications (such as social media, payment, and banking applications) run on the operating system. Private keys are stored on the operating system, but this operating system contains many programs, making private key storage a challenge. Therefore, TEE (Trusted Execution Environment) technology was invented. The core idea is to create an isolated environment to store private keys. This divides CPU resources into two worlds: The ordinary world: This is REE, which runs conventional operating systems (such as Windows, Linux, Android, QNX, and iOS), is responsible for handling non-sensitive business, has rich features but low security, and is vulnerable to malware attacks.
[0033] Secure World: This refers to a TEE (Trusted Execution Environment), a secure zone built on CPU hardware isolation technology. Isolated from the regular operating system, it runs an independent secure operating system (TEE OS) and trusted applications, responsible for storing and processing sensitive data, as well as performing secure computations. Typical implementations of TEE include ARM TrustZone and Intel SGX.
[0034] The two worlds are physically isolated at the hardware level—programs in the ordinary world cannot directly access the memory and registers of the secure world, and even if an attacker gains the highest privileges of the ordinary operating system, they cannot snoop on the data inside the TEE.
[0035] TEE's advantages lie in its lack of additional hardware costs and high performance, making it widely used in smartphones, tablets, and smart cars. However, commercial TEEs (such as Qualcomm QSEE) are mostly closed-source implementations, and their internal implementation details are opaque to device manufacturers and application developers, posing potential unknown vulnerabilities or backdoor risks. Although open-source TEEs (such as OP-TEE) exist, they usually require specific hardware support and are difficult to use on existing widely deployed closed-source chip platforms (such as Qualcomm Snapdragon series).
[0036] HSM is a dedicated physical security chip or peripheral that contains an independent cryptographic processor, secure storage unit, and tamper-proof mechanisms, providing physical tamper-proof capabilities for high-level key protection. HSM offers a higher level of security than TEE; keys are generated, stored, and used internally within the HSM, never leaving the hardware. HSMs can be unconditionally trusted, but their higher cost and larger size would significantly increase costs for large-scale deployment in consumer electronics and automotive devices, making it difficult to completely replace TEEs in the short term.
[0037] On devices lacking a Secret Sharing Scheme (HSM), to address the issue of secure key storage, academia has proposed splitting the private key into n fragments, each held by one of the n participants, with a threshold value t (t ≤ n). When a signature needs to be generated, at least t participants can each use their own fragments to collaboratively compute a valid digital signature through an interactive protocol. The entire process does not require reconstructing the complete private key, and even if an attacker obtains fewer than t fragments, they cannot recover the private key or forge the signature. Its theoretical basis can be traced back to the Secret Sharing Scheme proposed by Shamir in 1979. This scheme avoids the risk of private key leakage due to the compromise of a single device. However, threshold signatures are currently mostly used between independent servers or devices in different physical locations, i.e., between external nodes, and do not consider application scenarios on terminal devices.
[0038] 2-2 threshold signatures are a special type of threshold signature scheme. Their core mechanism involves splitting the complete private key SK into two fragments, Sk1 and Sk2. Only by collecting both fragments can the complete private key SK be calculated. Simultaneously, a public key can be calculated to correspond to each fragment, verifying the non-repudiation of the ciphertext and signature fragments. When using fragments for calculation, the complete private key is not synthesized; instead, the fragments are used to directly sign to obtain the signature fragment, or to directly decrypt to obtain the plaintext fragment. Both the plaintext and signature fragments are ciphertext; the complete content cannot be calculated from a single fragment.
[0039] Against this backdrop, secure storage and computing capabilities of terminal devices have become crucial. Currently, the mainstream security solution uses TEE (Trusted Execution Environment). TEE, based on hardware-level isolation (such as ARM TrustZone technology), builds a secure world isolated from the REE within the main processor for storing and processing sensitive data (such as keys, biometrics, etc.). Due to its high performance and low cost, TEE is widely used in mobile devices, IoT terminals, and smart cars. However, the widespread application of TEE has also exposed the following problems: (1) Security and transparency issues of TEE itself Most commercially available TEEs are currently implemented in closed-source environments, such as Qualcomm Snapdragon's QSEE. Their underlying code, hardware implementation, and firmware policies are a "black box" for device manufacturers and application developers. Users find it difficult to independently audit or verify their security, and cannot rule out potential unknown vulnerabilities or deliberately reserved backdoor interfaces. In critical sectors affecting national welfare and people's livelihoods, this "unconditional trust" in a single closed-source TEE poses significant security risks.
[0040] (2) The availability of open source TEE is limited. While open-source TEE solutions such as OP-TEE exist in the industry, with transparent and auditable code, these open-source TEEs typically rely on specific hardware platforms or underlying support from chip manufacturers. For example, on widely used Qualcomm Snapdragon automotive chips, the underlying hardware is deeply tied to QSEE, making it impossible to directly run or migrate to OP-TEE, forcing equipment manufacturers to continue using closed-source TEEs.
[0041] (3) High deployment cost of hardware security modules In theory, hardware security modules can provide a higher level of security than TEEs. As an independent physical security chip, the internal key of an HSM is never exposed, providing physical tamper-proof capabilities. However, the introduction of HSMs will significantly increase hardware costs, PCB (printed circuit board) space requirements, and development and adaptation cycles. In the cost-sensitive and high-volume consumer electronics and automotive markets, it is unlikely to fully replace TEEs in the short term.
[0042] In summary, current terminal devices face the dilemma of needing to use TEEs but finding it difficult to fully trust them. How to reduce reliance on a single closed-source TEE and improve the security of key storage and use without increasing hardware costs and maintaining the existing TEE architecture has become an urgent technical problem to be solved.
[0043] In some embodiments, this application may provide a centralized key distribution and storage scheme. This scheme involves a target terminal device and a host computer connected to the target terminal device. The target terminal device includes a Trusted Execution Environment (TEE) and a Rich Execution Environment (REE). In one example, the target terminal device and the host computer are located in the same factory environment; the target terminal device may be referred to as... Figure 1 The components shown are among them. Figure 1 This is a schematic diagram of centralized key fragment filling provided in an embodiment of this application. For example... Figure 1 As shown, CPU resources are divided into REE and TEE in the components. Figure 1 This illustrates a scenario where, after the components are manufactured and the operating system is written, the host computer performs private key injection (storing the private key in the TEE).
[0044] It should be noted that in the factory environment, which includes components and a host computer, the components are newly flashed with the system but without a key (think of them as newly manufactured but not yet activated Windows computers). The host computer is responsible for adding the private key to the components. Within the components, two environments can be seen: REE and TEE.
[0045] REE runs various programs, and its storage system is public to all programs; that is, if program 1 can access a file, program 2 can also access that file. If an attacker gains root privileges on the REE, they can modify the contents of the REE's storage system, leading to the leakage of private keys.
[0046] The TEE also has a storage system for secure storage. The storage system in the TEE encrypts the content. If the TEE has a backdoor, an attacker may know the encryption key, leading to the leakage of the private key stored in the TEE.
[0047] To reduce reliance on a single closed-source TEE and improve the security of key storage and usage without increasing hardware costs and maintaining the existing TEE architecture, in the face of Figure 1 As shown in the scenario, this application embodiment provides a centralized key distribution and storage scheme, the execution flow of which is as follows: Figure 2 As shown. Among them, Figure 2 This is a flowchart of a key secure storage method provided in an embodiment of this application. For example... Figure 2 As shown, the key secure storage method includes steps S201 to S213 as shown below.
[0048] S201: The host computer randomly generates an asymmetric key pair, which includes the target private key and the target public key.
[0049] Asymmetric key pairs can be generated using a preset asymmetric algorithm. This asymmetric algorithm includes any one of the following: RSA, ECC, and SM2.
[0050] S203: The host computer uses a preset key splitting algorithm to split the target private key into a first private key fragment and a second private key fragment.
[0051] Different private key splitting methods can be used based on different mathematical principles. Preset key splitting algorithms may include, for example, any one of the following: Shamir secret sharing based on Lagrange interpolation or methods based on the Chinese Remainder Theorem. Shamir secret sharing is used to split the secret into multiple parts, and any t parts can be used to recover the secret. The Chinese Remainder Theorem is a theorem in number theory that can be used to construct secret sharing schemes and recover the secret through a set of congruence equations.
[0052] S205: The host computer generates a first public key fragment corresponding to the first private key fragment based on the first private key fragment, and generates a second public key fragment corresponding to the second private key fragment based on the second private key fragment.
[0053] S207: The host computer writes the first private key fragment, the first public key fragment, and the target public key into the rich execution environment.
[0054] S209: The rich execution environment stores the first private key fragment, the first public key fragment, and the target public key.
[0055] S211: The host computer writes the second private key fragment, the second public key fragment, and the target public key into the trusted execution environment.
[0056] S213: Trusted execution environment stores second private key fragments, second public key fragments, and target public key.
[0057] Figure 2 The corresponding implementation provides a solution that centrally generates asymmetric key pairs and splits the private key via a host computer. The private key fragments and their corresponding public key fragments are then written into the REE and TEE of the target terminal device, respectively. This fragmented storage method ensures that, in actual operation, if any single environment of the terminal device is compromised, complete control of the private key cannot be obtained. This solution reduces reliance on a single closed-source TEE and improves the security of key storage and use without increasing hardware costs or maintaining the existing TEE architecture.
[0058] Centralized key distribution is suitable for scenarios that require storing the complete private key. However, for scenarios with higher security requirements where it is not desirable to store the complete private key in any scenario, a distributed approach can be adopted, where the private key is never stored in its entirety unless all private key fragments are extracted.
[0059] Based on this, embodiments of this application can also provide a distributed key distribution and storage scheme. This scheme is executed by a target terminal device, which includes a Trusted Execution Environment (TEE) and a Rich Execution Environment (REE). The execution flow of this scheme is as follows: Figure 3 As shown. Among them, Figure 3 This is another flowchart of the key secure storage method provided in the embodiments of this application. For example... Figure 3 As shown, the key secure storage method includes steps S301 to S309 as shown below.
[0060] S301: The rich execution environment randomly generates the first private key fragment, and generates the first public key fragment corresponding to the first private key fragment based on the first private key fragment.
[0061] The rich execution environment can randomly generate a first secret value and generate a first private key fragment based on the first secret value.
[0062] S303: The rich execution environment sends the first public key fragment to the trusted execution environment.
[0063] S305: The trusted execution environment randomly generates a second private key fragment, generates a second public key fragment corresponding to the second private key fragment, and generates a target public key based on the first public key fragment and the second public key fragment. The second private key fragment, the second public key fragment, and the target public key are stored.
[0064] The trusted execution environment can randomly generate a second secret value and generate a second private key fragment based on the second secret value.
[0065] S307: The trusted execution environment sends the target public key and the second public key fragment to the rich execution environment.
[0066] S309: The rich execution environment generates a target public key based on the first public key fragment and the second public key fragment, and in response to the generated target public key being the same as the received target public key, stores the first private key fragment, the first public key fragment, and the target public key.
[0067] Figure 3 The corresponding implementation provides a distributed key distribution and storage scheme based on a dual-environment collaborative architecture of REE and TEE within the target terminal device. It utilizes threshold cryptography to achieve distributed generation and fragmented storage of private keys. Since a complete private key never exists in a single environment, even if the Trusted Execution Environment (TEE) has backdoors or vulnerabilities due to its closed-source nature, an attacker cannot recover the complete private key even with only a single fragment. Therefore, this scheme reduces reliance on a single closed-source TEE and improves the security of key storage and use without increasing hardware costs or maintaining the existing TEE architecture.
[0068] The target terminal device adopts, for example Figure 2 or Figure 3 After the key storage is completed using the scheme shown, when the REE in the target terminal device needs to perform specific processing on the target data (such as signature processing or decryption processing), it can do so by executing... Figure 4 The information processing flow shown is processed collaboratively with the TEE in the target terminal device. Among them, Figure 4 This is a flowchart of an information processing method provided in an embodiment of this application. For example... Figure 4 As shown, the information processing method includes: S401: The rich execution environment sends a message processing request to the trusted execution environment. The message processing request includes target data to be processed in a specified manner, and the specified processing includes signature processing or decryption processing. S403: The trusted execution environment, based on the information processing request, uses the second private key fragment to perform specified processing on the target data to obtain the first processing result; S405: The trusted execution environment sends the first processing result to the rich execution environment; S407: The rich execution environment uses the first private key fragment to perform specified processing on the target data, obtains the second processing result, and merges the first processing result and the second processing result to obtain the target result.
[0069] Figure 4 The corresponding implementation provides a solution that, based on the aforementioned fragmented storage architecture, achieves distributed collaborative processing of signature and decryption operations. During processing, the REE and TEE respectively use their respective private key fragments to perform operations on the target data and generate intermediate results. Finally, the REE merges the results. Since the operation process does not require reconstructing the complete private key, and both environments need to participate in the collaboration, the security risks caused by complete control over a single environment are effectively avoided. This mechanism supports various cryptographic operations such as signature and decryption, ensuring the operational security of the target terminal device when processing sensitive information without increasing hardware overhead, and maintaining the original high performance and low cost advantages of the TEE.
[0070] In some embodiments, such as Figure 5 As shown, the specified processing described above can be signature processing, the first processing result can be the first signature fragment, the second processing result can be the second signature fragment, and the target result can be the target signature. Wherein, Figure 5 This is a flowchart of a signature generation method provided in an embodiment of this application. For example... Figure 5 As shown, a rich execution environment (REA) can use the target public key to verify the target signature, and in response to successful signature verification, confirm that the signature generation is complete. It can be understood that when a REA needs to sign target data, it can do so through methods such as... Figure 5 The signature generation process shown works in conjunction with a trusted execution environment to generate signatures.
[0071] As one implementation, when a rich execution environment verifies a target signature using the target public key, it can decrypt the target signature using the target public key to obtain a first hash value, and then perform a hash operation on the target data using a preset hash algorithm to obtain a second hash value. If the first hash value and the second hash value match, the target signature verification is successful. If the first hash value and the second hash value do not match, the target signature verification fails.
[0072] For example, the collaborative signature algorithm used between the trusted execution environment and the rich execution environment can include one of the following: threshold SM2 signature, threshold RSA signature, threshold BLS signature, and threshold Schnorr signature. Threshold SM2 signature is suitable for domestic substitution needs, based on the SM2 elliptic curve cryptography algorithm to achieve collaborative signatures compliant with national cryptographic standards; the trusted execution environment and the rich execution environment each hold a fragment of the SM2 private key, collaboratively generating the SM2 signature. Threshold RSA signature is suitable for scenarios compatible with existing RSA infrastructure, using the threshold RSA scheme proposed by Shoup to achieve fragmented storage of RSA private keys and collaborative signatures; it should be noted that the computational overhead of the RSA threshold protocol is relatively large. Threshold BLS signature is suitable for scenarios requiring signature aggregation; BLS signature itself supports threshold construction, can achieve efficient collaborative signatures based on bilinear pairings, and has short signature lengths and convenient aggregation. Threshold Schnorr signature is suitable for scenarios requiring multi-signature, such as blockchain; threshold Schnorr schemes (such as the FROST protocol) are characterized by fewer rounds and simple implementation.
[0073] In some embodiments, such as Figure 6 As shown, the specified processing described above can be decryption processing. The first processing result can be the first plaintext fragment, the second processing result can be the second plaintext fragment, and the target result can be the complete plaintext of the target data. Among these, Figure 6 This is a flowchart of a signature generation method provided in an embodiment of this application. It can be understood that when an external system encrypts data using the target public key, the ciphertext (target data) is transmitted to the target terminal device, and the rich execution environment and trusted execution environment collaboratively decrypt the data to obtain the complete plaintext of the target data.
[0074] For example, the collaborative decryption method used between the trusted execution environment and the rich execution environment can include one of the following: threshold ElGamal decryption, threshold SM2 decryption, and threshold RSA decryption. Threshold ElGamal decryption, based on the ElGamal encryption algorithm, stores the private key in fragments. During ciphertext decryption, both the trusted execution environment and the rich execution environment calculate their respective portions of the decryption results, which are then combined to recover the plaintext. For threshold SM2 decryption, the SM2 algorithm supports both encryption and decryption, and collaborative decryption can be achieved based on a principle similar to threshold SM2 signatures. Threshold RSA decryption is suitable for RSA encryption scenarios, employing a threshold RSA scheme to achieve collaborative decryption and protect the security of the RSA private key.
[0075] It should be noted that in this application, the threshold is set to a 2-2 scheme only because of TEE and REE. However, depending on the scenario, 2-2 can be extended to an nt scheme (2≤t≤n), such as the 3-2 scheme. 3-3 is applicable to different scenarios. Please refer to the dual TEE collaboration, TEE+REE+additional component collaboration, and TEE+REE+cloud HSM collaboration scenarios described below. Here, the (t, n) threshold indicates that at least t participants out of n participants must collaborate to recover the secret or generate a signature.
[0076] Furthermore, this application is based on TEE+REE dual-environment collaboration. However, due to the large number of components, there may be two operating systems deployed on a single component, and the operating systems are connected via hardware. Therefore, as an alternative, it can be extended to other heterogeneous security environment combinations: Dual TEE Collaboration: If a device integrates two TEEs from different manufacturers (such as a main chip TEE + a security chip TEE), private key fragments can be stored in the two TEEs respectively, achieving cross-vendor trust distribution.
[0077] TEE+REE+Additional Component Collaboration: Store one private key fragment in the TEE, one in the REE, and one in another component.
[0078] TEE+REE+Cloud HSM Collaboration: One private key fragment is stored locally on the TEE, another on the REE, and a third in the cloud HSM. This is suitable for scenarios that require sharing keys across devices (such as vehicle-to-cloud communication).
[0079] This application embodiment also provides a terminal device, including a trusted execution environment and a rich execution environment; A rich execution environment is used to randomly generate a first private key fragment, generate a first public key fragment corresponding to the first private key fragment, and send the first public key fragment to the trusted execution environment. A trusted execution environment is used to randomly generate a second private key fragment, generate a second public key fragment corresponding to the second private key fragment, generate a target public key based on the first public key fragment and the second public key fragment, store the second private key fragment, the second public key fragment and the target public key, and send the target public key and the second public key fragment to the rich execution environment. The rich execution environment is also used to generate a target public key based on the first public key fragment and the second public key fragment, and in response to the generated target public key being the same as the received target public key, to store the first private key fragment, the first public key fragment, and the target public key.
[0080] In some embodiments, the rich execution environment is further configured to send an information processing request to the trusted execution environment, the information processing request including target data to be processed in a specified manner, the specified processing including signature processing or decryption processing; The trusted execution environment is also used to perform specified processing on the target data using the second private key fragment according to the information processing request, obtain the first processing result, and send the first processing result to the rich execution environment; The rich execution environment is also used to perform specified processing on the target data using the first private key fragment, obtain the second processing result, and merge the first processing result and the second processing result to obtain the target result.
[0081] This application also provides an electronic device, including a memory and a processor. The memory stores a computer program, and when the computer program is executed by the processor, it implements the following key secure storage method: Randomly generate an asymmetric key pair, which includes a target private key and a target public key; Using a preset key splitting algorithm, the target private key is split into a first private key fragment and a second private key fragment; Generate a first public key fragment corresponding to the first private key fragment based on the first private key fragment, and generate a second public key fragment corresponding to the second private key fragment based on the second private key fragment; The first private key fragment, the first public key fragment, and the target public key are written into the rich execution environment of the target terminal device for storage, and the second private key fragment, the second public key fragment, and the target public key are written into the trusted execution environment of the target terminal device for storage.
[0082] This embodiment also provides a computer-readable storage medium having a computer program stored thereon. The computer program is loaded by a processor to execute the key secure storage method shown below: Randomly generate an asymmetric key pair, which includes a target private key and a target public key; Using a preset key splitting algorithm, the target private key is split into a first private key fragment and a second private key fragment; Generate a first public key fragment corresponding to the first private key fragment based on the first private key fragment, and generate a second public key fragment corresponding to the second private key fragment based on the second private key fragment; The first private key fragment, the first public key fragment, and the target public key are written into the rich execution environment of the target terminal device for storage, and the second private key fragment, the second public key fragment, and the target public key are written into the trusted execution environment of the target terminal device for storage.
[0083] In the embodiments of this application, the storage medium may be a magnetic disk, an optical disk, a read-only memory (ROM), or a random access memory (RAM), etc.
[0084] In the above embodiments, the descriptions of each embodiment have different focuses. For parts not described in detail in a certain embodiment, please refer to the relevant descriptions in other embodiments.
[0085] This application also provides a computer program product, including a computer program / instructions, which, when executed by a processor, implements the following key secure storage method: Randomly generate an asymmetric key pair, which includes a target private key and a target public key; Using a preset key splitting algorithm, the target private key is split into a first private key fragment and a second private key fragment; Generate a first public key fragment corresponding to the first private key fragment based on the first private key fragment, and generate a second public key fragment corresponding to the second private key fragment based on the second private key fragment; The first private key fragment, the first public key fragment, and the target public key are written into the rich execution environment of the target terminal device for storage, and the second private key fragment, the second public key fragment, and the target public key are written into the trusted execution environment of the target terminal device for storage.
[0086] Based on the foregoing description, the solution provided in this application embodiment can achieve the following: (1) Dual-environment sharded storage architecture based on the assumption of "distrustful TEE" Unlike traditional solutions that store the private key intact in the TEE and trust the TEE to be absolutely secure, this application explicitly abandons the trust assumption of closed-source TEEs and splits the private key into two parts, storing them separately in the TEE and REE. Even if the TEE has backdoors or vulnerabilities, attackers can only obtain a meaningless fragment and cannot recover the private key or forge signatures. This architecture fundamentally reduces the dependence on a single security hardware and solves the trust crisis caused by the "black box" nature of closed-source TEEs.
[0087] (2) Local dual-environment collaborative signature mechanism Unlike related technologies where threshold signatures are commonly used in distributed network nodes (multiple servers), this application applies threshold signatures for the first time to a collaborative scenario between a TEE and REE environment within a terminal device. During the signing or decryption process, the TEE and REE interact locally through a secure channel, each using its own fragments to complete the computation, without reconstructing the complete private key. This mechanism avoids the complex communication overhead of multi-node threshold signatures and adapts to the resource constraints of terminal devices.
[0088] (3) Low-cost, zero-hardware transitional security enhancement solution Addressing the pain points of high cost and slow deployment of HSMs, this application achieves security enhancement for closed-source TEEs without adding any extra hardware or replacing existing TEE chips, solely through software-level key fragmentation and collaboration protocols. This "transitional" solution provides equipment manufacturers with a low-cost and rapidly deployable security upgrade path during the localization process.
[0089] (4) Quantitative security gains due to increased attack difficulty in heterogeneous environments This application leverages the heterogeneity of TEE and REE (one is highly isolated, the other feature-rich; one is closed-source, the other relatively transparent) to construct a defense depth. Attackers must simultaneously compromise two completely different security environments to obtain the complete private key, increasing the attack cost from "compromising one point of the TEE" to "simultaneously compromising two points of the TEE and REE," achieving a non-linear enhancement of security. This quantified security gain is unattainable by traditional single-TEE solutions.
[0090] (5) Seamless adaptation capability to the existing TEE ecosystem This application does not change the existing TEE hardware architecture and basic services. It only requires adding a trusted application that supports threshold collaboration within the TEE and a corresponding ordinary application on the REE side. This design allows the solution to seamlessly adapt to widely deployed closed-source TEE platforms (such as Snapdragon QSEE) without requiring chip manufacturers to modify the underlying firmware, thus possessing strong industrial application value.
[0091] This application addresses the dual challenges of potential backdoor risks in closed-source TEEs and excessively high costs in HSMs in related technologies. It proposes an innovative architecture based on key fragmentation and dual-environment collaboration, the advantages of which can be clearly demonstrated through the following reasoning: Because this application splits the private key SK into two fragments, stored separately in the TEE and REE, an attacker who only compromises a single environment (whether TEE or REE) can only obtain a meaningless random fragment, unable to recover the complete private key or forge a signature. Therefore, this application raises the risk condition of private key leakage from "compromising a single point in the TEE" to "simultaneously compromising two heterogeneous environments, the TEE and the REE." Since the TEE and REE differ fundamentally in their architectural design, attack surface, and defense capabilities (one is highly isolated but closed-source, the other feature-rich but relatively transparent), simultaneously compromising both is far more difficult than compromising a single environment, achieving a non-linear enhancement of security.
[0092] Furthermore, this application achieves the aforementioned security gains solely through software-level key fragmentation and collaboration protocols without adding any extra hardware or replacing existing TEE chips. Compared to HSM deployment solutions, this application has zero hardware cost, a short development cycle, and can be quickly adapted to existing terminal devices (such as Snapdragon automotive chip platforms), providing device manufacturers with a low-cost and feasible transitional security upgrade path. Simultaneously, this application is compatible with the existing TEE ecosystem, requiring no modification to the underlying firmware by chip manufacturers, and possesses significant industrial promotion value.
[0093] In summary, this application takes "distrusting TEE" as the starting point for security, and replaces hardware trust with mathematical mechanisms. While maintaining the low-cost advantage of TEE, it significantly reduces the dependence on a single closed-source TEE, and solves the core pain point of "having to use TEE but finding it difficult to trust TEE" in the process of localization substitution.
[0094] The key security storage method, information processing method, terminal device, and electronic device provided in the embodiments of this application have been described in detail above. Specific examples have been used to illustrate the principles and implementation methods of this application. The description of the above embodiments is only for the purpose of helping to understand the method and core ideas of this application. At the same time, for those skilled in the art, there will be changes in the specific implementation methods and application scope based on the ideas of this application. Therefore, the content of this specification should not be construed as a limitation of this application.
Claims
1. A method for securely storing keys, characterized in that, Applied to a target terminal device, the target terminal device including a trusted execution environment and a rich execution environment, the key secure storage method includes: The rich execution environment randomly generates a first private key fragment, generates a first public key fragment corresponding to the first private key fragment, and sends the first public key fragment to the trusted execution environment. The trusted execution environment randomly generates a second private key fragment, generates a second public key fragment corresponding to the second private key fragment, generates a target public key based on the first public key fragment and the second public key fragment, stores the second private key fragment, the second public key fragment and the target public key, and sends the target public key and the second public key fragment to the rich execution environment; The rich execution environment generates the target public key based on the first public key fragment and the second public key fragment, and in response to the generated target public key being the same as the received target public key, stores the first private key fragment, the first public key fragment, and the target public key.
2. The key secure storage method according to claim 1, characterized in that, The rich execution environment randomly generates the first private key fragment, including: A first secret value is randomly generated, and the first private key fragment is generated based on the first secret value; The trusted execution environment randomly generates a second private key fragment, including: A second secret value is randomly generated, and a second private key fragment is generated based on the second secret value.
3. A method for securely storing keys, characterized in that, A host computer applied to a target terminal device for connection, wherein the target terminal device includes a trusted execution environment and a rich execution environment, and the key secure storage method includes: Randomly generate an asymmetric key pair, wherein the asymmetric key pair includes a target private key and a target public key; Using a preset key splitting algorithm, the target private key is split into a first private key fragment and a second private key fragment; Generate a first public key fragment corresponding to the first private key fragment based on the first private key fragment, and generate a second public key fragment corresponding to the second private key fragment based on the second private key fragment; The first private key fragment, the first public key fragment, and the target public key are written into the rich execution environment for storage, and the second private key fragment, the second public key fragment, and the target public key are written into the trusted execution environment for storage.
4. An information processing method, characterized in that, The method is applied to a target terminal device, which includes a trusted execution environment and a rich execution environment. The rich execution environment stores a first private key fragment, and the trusted execution environment stores a second private key fragment. The first private key fragment and the second private key fragment are stored using the key security storage method as described in any one of claims 1-3. The information processing method includes: The rich execution environment sends an information processing request to the trusted execution environment. The information processing request includes target data to be processed in a specified manner, and the specified processing includes signature processing or decryption processing. The trusted execution environment performs the specified processing on the target data using the second private key fragment according to the information processing request, obtains a first processing result, and sends the first processing result to the rich execution environment. The rich execution environment uses the first private key fragment to perform the specified processing on the target data to obtain a second processing result, and then merges the first processing result and the second processing result to obtain the target result.
5. The information processing method according to claim 4, characterized in that, The specified processing is the signature processing, the first processing result is the first signature fragment, the second processing result is the second signature fragment, and the target result is the target signature; the trusted execution environment and the rich execution environment also store a target public key, which is stored using the key security storage method as described in any one of claims 1-3; the information processing method further includes: The rich execution environment uses the target public key to verify the target signature, and in response to the successful verification of the target signature, determines that the signature generation is complete.
6. The information processing method according to claim 5, characterized in that, The rich execution environment uses the target public key to verify the target signature, including: The target signature is decrypted using the target public key to obtain the first hash value; The target data is hashed using a preset hash algorithm to obtain a second hash value; If the first hash value matches the second hash value, then the target signature verification is successful.
7. The information processing method according to claim 4, characterized in that, The specified processing is the decryption processing, the first processing result is the first plaintext fragment, the second processing result is the second plaintext fragment, and the target result is the complete plaintext of the target data.
8. A terminal device, characterized in that, This includes trusted execution environments and rich execution environments; The rich execution environment is used to randomly generate a first private key fragment, generate a first public key fragment corresponding to the first private key fragment, and send the first public key fragment to the trusted execution environment. The trusted execution environment is used to randomly generate a second private key fragment, generate a second public key fragment corresponding to the second private key fragment, generate a target public key based on the first public key fragment and the second public key fragment, store the second private key fragment, the second public key fragment and the target public key, and send the target public key and the second public key fragment to the rich execution environment. The rich execution environment is further configured to generate the target public key based on the first public key fragment and the second public key fragment, and in response to the generated target public key being the same as the received target public key, store the first private key fragment, the first public key fragment, and the target public key.
9. The terminal device according to claim 8, characterized in that, The rich execution environment is further configured to send an information processing request to the trusted execution environment, the information processing request including target data to be processed in a specified manner, the specified processing including signature processing or decryption processing; The trusted execution environment is further configured to perform the specified processing on the target data using the second private key fragment according to the information processing request, obtain a first processing result, and send the first processing result to the rich execution environment; The rich execution environment is further configured to use the first private key fragment to perform the specified processing on the target data to obtain a second processing result, and to merge the first processing result and the second processing result to obtain the target result.
10. An electronic device, characterized in that, It includes a memory and a processor, wherein the memory stores a computer program, which, when executed by the processor, implements the key secure storage method as described in claim 3.