A method for secure execution of directional instructions in broadcast terminals based on hardware encryption chips.
By introducing a hardware encryption chip into the broadcast system for hardware-level verification, the problem of security attack surface exposure caused by the reliance on terminal main CPU software execution for instruction verification is solved. This enables precise targeted execution of broadcast instructions and ensures the unbypassable nature of the verification link, thereby improving the security and reliability of the system.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- NAT SATELLITE METEOROLOGICAL CENT
- Filing Date
- 2026-04-21
- Publication Date
- 2026-07-14
AI Technical Summary
In existing broadcast systems, instruction verification relies on the terminal's main CPU software, which exposes the security attack surface and poses a risk of tampering with the verification and execution link, making it impossible to achieve a true "verification equals execution" closed loop.
A targeted instruction security execution method based on hardware encryption chips is adopted. A targeted password packet is constructed through a layered encryption strategy. Hardware-level verification is performed using the encryption chip, which is independent of the terminal's main CPU. This ensures that the hardware-level verification result is unbypassable and triggers chip self-locking when verification fails.
It enables precise targeted execution of broadcast commands, ensures that the verification link cannot be bypassed, improves the security and reliability of the broadcast system, and prevents attackers from tampering with control commands.
Smart Images

Figure CN122394889A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of wireless broadcast communication technology, and in particular to a method for secure execution of directional instructions in a broadcast terminal based on a hardware encryption chip. Background Technology
[0002] With the widespread application of wireless broadcasting communication technology, digital audio broadcasting, satellite broadcasting, and IP network broadcasting systems play a vital role in scenarios such as emergency warning, public information dissemination, and remote device management. In these broadcasting systems, the server needs to send control commands to terminal devices distributed across various locations via broadcast channels to achieve remote status management of the terminals, such as waking them up, putting them to sleep, adjusting their volume, or disabling certain functions. Because broadcast channels have a unidirectional transmission characteristic, the server cannot establish a two-way handshake confirmation mechanism with each terminal. Therefore, the secure issuance and accurate execution of commands become crucial to ensuring the reliable operation of the broadcasting system.
[0003] Existing broadcast systems have the following main shortcomings in secure execution of terminal-directed commands: First, command verification relies on the terminal's main CPU software. Currently, most terminals, after receiving a command packet, have the main CPU run a software program to decrypt the command and verify the identity, then use the verification result to control terminal state switching. In this approach, key storage, decryption operations, and verification logic are all exposed to the main CPU's operating environment. Operating system vulnerabilities, firmware reverse engineering, or memory extraction attacks can all lead to the bypassing of the verification mechanism or the theft of keys, making command security entirely dependent on the strength of software-level protection. Second, there is a hijackable control link between command verification and state execution. In a software verification architecture, after completing verification, the main CPU needs to send control signals to the terminal's functional circuits via the bus or I / O pins. After gaining control of the main CPU, attackers can directly forge verification signals or tamper with control commands, rendering the encrypted verification process ineffective and failing to achieve a true "verification equals execution" closed loop.
[0004] It should be noted that the information disclosed in this background section is intended only to enhance the understanding of the overall background of the invention and should not be construed as an admission or in any way implying that the information constitutes prior art known to those skilled in the art. Summary of the Invention
[0005] To address the aforementioned deficiencies or improvement needs of existing technologies, this invention provides a secure execution method for broadcast terminal directed instructions based on a hardware encryption chip. This method solves the problems of security attack surface exposure caused by instruction verification relying on the terminal's main CPU software execution, and the potential for tampering in the verification and execution link. It achieves precise directed execution of broadcast instructions and ensures the verification link is unbypassable. The specific technical solution is as follows:
[0006] According to a first aspect of the present invention, a method for secure execution of directed instructions in a broadcast terminal based on a hardware encryption chip is provided, the method comprising:
[0007] On the server side, a layered encryption strategy is used to construct a targeted password packet based on the information of the target terminal;
[0008] The targeted password packet is broadcast through a broadcast channel. After receiving the targeted password packet, the terminal's main CPU performs type identification and transparent transmission of the targeted password packet, and writes the original data of the targeted password packet into an encryption chip. The encryption chip is set independently of the terminal's main CPU.
[0009] The encryption chip is used to perform hardware-level verification on the targeted password packet to obtain a hardware-level verification result.
[0010] If the hardware-level verification result is successful, the encryption chip outputs a hardware control signal to perform a state switch.
[0011] If the hardware-level verification result is that the verification fails, the hardware error counter is triggered to accumulate and the targeted password packet is discarded. The accumulated result of the hardware error counter is counted. When the accumulated result is greater than or equal to a preset threshold, the chip self-locking is triggered. When the accumulated result is less than the preset threshold, the current processing ends.
[0012] In one implementation, the server constructs a targeted encryption packet based on the target terminal's information using a layered encryption strategy, and also performs the following processing:
[0013] Extract the target unique identifier from the information of the target terminal, and concatenate the target unique identifier, the status instruction to be executed, and the current timestamp according to a preset format to obtain plaintext instruction data;
[0014] Generate a random symmetric session key, and call a symmetric encryption algorithm to encrypt the plaintext instruction data using the symmetric session key to obtain the first ciphertext;
[0015] The symmetric session key is encrypted using a pre-set public key in the target terminal by calling an asymmetric encryption algorithm to obtain the second ciphertext;
[0016] The first ciphertext and the second ciphertext are combined to obtain the directed command packet.
[0017] In one implementation, the symmetric encryption algorithm is the AES-GCM algorithm;
[0018] The first ciphertext contains an authentication tag generated using the AES-GCM algorithm;
[0019] The asymmetric encryption algorithm is one of the SM2 algorithm, RSA algorithm, or ECC algorithm.
[0020] In one embodiment, the encryption chip is internally provided with a one-time programmable memory and a hardware comparator, wherein the one-time programmable memory is implemented using a fuse structure or an antifuse structure, and the hardware comparator is directly connected to the read circuit of the one-time programmable memory.
[0021] The targeted password packet is decrypted using a pre-set terminal private key to obtain the target's unique identifier.
[0022] The target unique identifier is compared using a hardware comparator to obtain the hardware comparison result.
[0023] Perform timestamp validity verification on the target's unique identifier and obtain the timestamp validity verification result;
[0024] The hardware-level verification result is determined based on the hardware comparison results and the timestamp validity verification results.
[0025] In one implementation, based on the hardware comparison result and the timestamp validity verification result, the hardware-level verification result is determined, and the following processing is further performed:
[0026] When the hardware comparison result is consistent and the timestamp validity verification result is valid, the hardware-level verification result is verification passed;
[0027] When the hardware comparison result is inconsistent and / or the timestamp validity verification result is invalid, the hardware-level verification result is verification failure.
[0028] In one implementation, a hardware comparator is used to perform a hardware comparison of the target unique identifier to obtain the hardware comparison result, and the following processing is also performed:
[0029] The target unique identifier is fed into the hardware comparator and compared bit by bit with the local unique identifier inside the encryption chip.
[0030] If all bit levels are consistent, the hardware comparator outputs a consistency signal, and the hardware comparison result is a hardware comparison match.
[0031] If any bit level is inconsistent, the hardware comparator outputs a difference signal, and the hardware comparison result is a hardware comparison inconsistency.
[0032] In one implementation, the target unique identifier is timestamped to verify its validity, and the following processing is performed to obtain the timestamped validity verification result:
[0033] Read the timestamp of the last valid instruction recorded in the non-volatile memory inside the encryption chip;
[0034] Compare the timestamp corresponding to the target unique identifier with the timestamp of the last valid instruction. If the timestamp corresponding to the target unique identifier is less than or equal to the timestamp of the last valid instruction, the timestamp validity check result is that the timestamp is invalid.
[0035] If the absolute value of the deviation between the timestamp corresponding to the target unique identifier and the current reference time provided by the independent clock source inside the encryption chip exceeds a preset time threshold, the timestamp validity verification result is that the timestamp is invalid.
[0036] In one implementation, the targeted password packet is broadcast through a broadcast channel. After receiving the targeted password packet, the terminal's main CPU performs type identification and transparent transmission of the targeted password packet, writes the original data of the targeted password packet into the encryption chip, and performs the following processing:
[0037] After receiving the targeted password packet, the secure communication module on the terminal side transmits the targeted password packet to the terminal's main CPU;
[0038] The terminal's main CPU identifies the header identifier of the targeted command packet, determines that the data packet type is a targeted command packet, and then writes the original binary data of the targeted command packet completely into the receiving buffer of the encryption chip via the SPI bus, I2C bus, or UART bus.
[0039] During the transparent transmission process, the terminal's main CPU does not perform parsing, decryption, or verification operations on the payload field of the directional command packet.
[0040] In one implementation, if the hardware-level verification result is a verification failure, a hardware error counter is incremented and the targeted password packet is discarded. The incremented result of the hardware error counter is then calculated. When the incremented result is greater than or equal to a preset threshold, a chip self-locking is triggered. When the incremented result is less than the preset threshold, the current processing ends, and the following processing is also performed:
[0041] When the accumulated result of the hardware error counter reaches a preset threshold, the fuse control circuit inside the encryption chip generates a fuse current pulse, changing the internal programming fuse bit from the on state to the off state, irreversibly disabling the reading path of the preset terminal private key and triggering the chip self-locking.
[0042] In one embodiment, the hardware error counter is stored in a non-volatile memory unit inside the encryption chip, and the count value remains unchanged after the terminal is powered off and then powered on again.
[0043] Beneficial effects of the embodiments of the present invention:
[0044] In the solution provided by this invention, a targeted command packet is constructed on the server side using a layered encryption strategy based on the target terminal's information. This targeted command packet is then broadcast through a broadcast channel. Upon receiving the targeted command packet, the terminal's main CPU identifies and transmits the packet, writing the original data into an encryption chip. This encryption chip is independent of the terminal's main CPU. Hardware-level verification is performed on the targeted command packet using the encryption chip to obtain a hardware-level verification result. If the hardware-level verification passes, the encryption chip outputs a hardware control signal to switch states. If the hardware-level verification fails, a hardware error counter is incremented, the targeted command packet is discarded, and the incremented hardware error counter is counted. When the incremented result is greater than or equal to a preset threshold, the chip self-locks; when the incremented result is less than the preset threshold, the current processing ends. This achieves precise targeted execution of broadcast commands and ensures the verification link is unbypassable. Of course, implementing any product or method of this invention does not necessarily require achieving all the advantages described above simultaneously. Attached Figure Description
[0045] To more clearly illustrate the technical solutions in the embodiments of the present invention or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are only some embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.
[0046] Figure 1 This invention provides a schematic flowchart of a method for secure execution of directional instructions in a broadcast terminal based on a hardware encryption chip.
[0047] Figure 2 This diagram illustrates the process of constructing a targeted command packet in the secure execution method for targeted instructions in a broadcast terminal based on a hardware encryption chip provided by the present invention. Detailed Implementation
[0048] To facilitate understanding of the present invention, a more complete description of the invention will be given below with reference to the accompanying drawings, which illustrate preferred embodiments of the invention. However, the invention can be implemented in many different forms and is not limited to the embodiments described herein; rather, these embodiments are provided to enable a more thorough and complete understanding of the disclosure of the invention.
[0049] Furthermore, the technical features involved in the various embodiments of the present invention described below can be combined with each other as long as they do not conflict with each other.
[0050] In the description of this invention, it should be understood that the terms "center," "longitudinal," "lateral," "length," "width," "thickness," "upper," "lower," "front," "rear," "left," "right," "vertical," "horizontal," "top," "bottom," "inner," "outer," "clockwise," and "counterclockwise," etc., indicate the orientation or positional relationship based on the orientation or positional relationship shown in the accompanying drawings. They are only for the convenience of describing this invention and simplifying the description, and do not indicate or imply that the device or element referred to must have a specific orientation, or be constructed and operated in a specific orientation. Therefore, they should not be construed as limitations on this invention.
[0051] Unless otherwise expressly stated, throughout the specification and claims, the term "comprising" or its variations such as "including" or "comprises" shall be understood to include the stated elements or components without excluding other elements or other components.
[0052] The present invention provides a secure execution method for broadcast terminal directional instructions based on a hardware encryption chip, which is used to solve the problems of security attack surface exposure caused by instruction verification relying on the execution of the terminal's main CPU software, and the possibility of tampering in the verification and execution link in the prior art.
[0053] Example: See Figure 1 The flowchart of the secure execution method for broadcast terminal directional instructions based on a hardware encryption chip provided in this embodiment of the invention includes:
[0054] On the server side, a layered encryption strategy is used to construct a targeted password packet based on the information of the target terminal.
[0055] In one implementation, such as Figure 2 As shown, on the server side, a layered encryption strategy is used to construct a targeted password packet based on the target terminal's information, including:
[0056] Extract the target unique identifier from the information of the target terminal, and concatenate the target unique identifier, the status instruction to be executed, and the current timestamp according to a preset format to obtain plaintext instruction data;
[0057] Generate a random symmetric session key, and call a symmetric encryption algorithm to encrypt the plaintext instruction data using the symmetric session key to obtain the first ciphertext;
[0058] The symmetric session key is encrypted using a pre-set public key in the target terminal by calling an asymmetric encryption algorithm to obtain the second ciphertext;
[0059] The first ciphertext and the second ciphertext are combined to obtain the directed command packet.
[0060] In one implementation, the symmetric encryption algorithm is the AES-GCM algorithm;
[0061] The first ciphertext contains an authentication tag generated using the AES-GCM algorithm;
[0062] The asymmetric encryption algorithm is one of the SM2 algorithm, RSA algorithm, or ECC algorithm.
[0063] It should be noted that layered encryption strategy refers to a processing method that uses two different types of cryptographic algorithms to encrypt data. In this step, it is specifically manifested as the nested use of symmetric and asymmetric encryption. The symmetric session key is a one-time key randomly generated by the server and used only for the encryption of this instruction. Its length and algorithm strength meet the security requirements of symmetric encryption. Plaintext instruction data refers to the instruction content that has not yet been encrypted, containing three information fields: a unique target identifier, a status instruction, and a timestamp.
[0064] Specifically, the target unique identifier refers to the identification code extracted by the server from the terminal information database that uniquely corresponds to the specific broadcast terminal to be controlled by this instruction. It has a one-to-one correspondence with the local unique identifier embedded in the encryption chip on the terminal side.
[0065] When the server needs to send a status change command to a specific broadcast terminal, it retrieves the target unique identifier for that terminal from the terminal information database. The server then concatenates this target unique identifier, the opcode corresponding to the status command to be executed, and the current system timestamp, according to the field order agreed upon with the terminal's encryption chip, to form a plaintext command data in binary form. Subsequently, the server calls a hardware random number generator to generate a random symmetric session key and invokes a symmetric encryption algorithm engine to encrypt the plaintext command data using this symmetric session key as the encryption parameter, outputting the first ciphertext. When the AES-GCM algorithm is selected as the symmetric encryption algorithm, the encryption engine simultaneously generates an authentication tag, which is associated with the first ciphertext and used to verify whether the command packet has been tampered with during transmission during the decryption phase.
[0066] The server retrieves the pre-set public key corresponding to the target terminal from the key management module, and uses an asymmetric encryption algorithm to encrypt the symmetric session key, generating a second ciphertext. Finally, the server encapsulates the first ciphertext, the second ciphertext, and auxiliary information such as the initialization vector according to a predetermined frame structure to form a directional command packet that can be transmitted in the broadcast channel.
[0067] By constructing a targeted command packet using a layered encryption structure, the command content remains encrypted and protected throughout the public transmission of the broadcast channel. Since the symmetric session key is encrypted by the target terminal's public key, only the target terminal's encryption chip, which holds the corresponding private key, can decrypt the symmetric session key and thus decrypt the command content. Non-target terminals, lacking the corresponding private key, are unable to parse the command packet, thus ensuring the confidentiality and integrity of command transmission and the targeted locking of the target terminal from the source.
[0068] The targeted password packet is broadcast through a broadcast channel. After receiving the targeted password packet, the terminal's main CPU identifies the type of the targeted password packet and transmits it transparently. The original data of the targeted password packet is written into the encryption chip, which is set independently of the terminal's main CPU.
[0069] In one implementation, the targeted password packet is broadcast through a broadcast channel. After receiving the targeted password packet, the terminal's main CPU performs type identification and transparent transmission of the targeted password packet, and writes the original data of the targeted password packet into an encryption chip, including:
[0070] After receiving the targeted password packet, the secure communication module on the terminal side transmits the targeted password packet to the terminal's main CPU;
[0071] The terminal's main CPU identifies the header identifier of the targeted command packet, determines that the data packet type is a targeted command packet, and then writes the original binary data of the targeted command packet completely into the receiving buffer of the encryption chip via the SPI bus, I2C bus, or UART bus.
[0072] During the transparent transmission process, the terminal's main CPU does not perform parsing, decryption, or verification operations on the payload field of the directional command packet.
[0073] In one embodiment, a broadcast channel refers to a wireless or wired communication channel through which the server transmits data unidirectionally to each terminal, including satellite broadcast links, digital audio broadcast subcarrier data channels, or IP multicast network channels. Its characteristic is that the server can send data to multiple terminals simultaneously, but the terminals cannot return acknowledgment information to the server through the same channel. A secure communication module refers to the hardware module on the terminal side used to receive broadcast signals and perform demodulation and decoding processing. The terminal's main CPU refers to the general-purpose central processing unit in the broadcast terminal responsible for running the operating system and business applications.
[0074] The server sends the pre-constructed targeted command packet to all online broadcast terminals via a broadcast channel. On the terminal side, the secure communication module continuously monitors the broadcast channel. Upon capturing a data packet conforming to preset modulation parameters and frame format, it demodulates and decodes the signal to obtain the digital targeted command packet, which is then transmitted to the terminal's main CPU. Upon receiving the data packet, the terminal's main CPU reads the header identifier field at the beginning of the packet and compares its value with the system's preset targeted command packet characteristic value. If a match is found, the terminal's main CPU determines the data packet type to be a targeted command packet; if the match fails, it distributes or discards the packet according to the processing procedure for other data packet types.
[0075] After determining that the data packet type is a directed command packet, the terminal's main CPU calls the driver program for the corresponding bus interface to write the raw binary data of the directed command packet byte by byte or frame by frame into the receive buffer of the encryption chip via the SPI bus, I2C bus, or UART bus, completing the complete data transfer from the main CPU to the encryption chip. Throughout the entire transparent transmission process, the terminal's main CPU only performs the reading and matching of the packet header identifier and the transfer of bus data; it does not read, parse, or cache any content in the payload field of the directed command packet, nor does it perform any operations related to decryption, authentication, or logical judgment.
[0076] By strictly limiting the responsibilities of the terminal's main CPU to packet type identification and hardware pass-through, it is completely isolated from security-sensitive operations. This cuts off the attack path for attackers to intercept, tamper with, or forge the password verification process by intruding into the main CPU's operating system or applications, thus establishing a secure input boundary for subsequent independent hardware-level verification by the encryption chip.
[0077] The encryption chip is used to perform hardware-level verification on the targeted password packet to obtain the hardware-level verification result.
[0078] In one implementation, the encryption chip is internally provided with a one-time programmable memory and a hardware comparator, wherein the one-time programmable memory is implemented using a fuse structure or an antifuse structure, and the hardware comparator is directly connected to the read circuit of the one-time programmable memory.
[0079] The targeted password packet is decrypted using a pre-set terminal private key to obtain the target's unique identifier.
[0080] The target unique identifier is compared using a hardware comparator to obtain the hardware comparison result.
[0081] Perform timestamp validity verification on the target's unique identifier and obtain the timestamp validity verification result;
[0082] The hardware-level verification result is determined based on the hardware comparison results and the timestamp validity verification results.
[0083] Preferably, hardware-level verification refers to a full-process security verification operation completed by a dedicated hardware circuit inside the encryption chip, independent of the terminal's main CPU. All verification logic is executed in a closed loop inside the encryption chip, without the involvement of the terminal's main CPU during the verification process, and the verification result is not returned to the terminal's main CPU.
[0084] A hardware comparator is a digital comparison circuit composed of basic logic gates such as XOR gates and AND gates. Its input terminals are connected to the target unique identifier signal line obtained by decryption and the read signal line of the corresponding storage bit of the one-time programmable memory, respectively. The output terminal directly outputs the comparison result signal, and the comparison process does not pass through the data bus inside the encryption chip.
[0085] The hardware comparison result refers to the logic signal output by the hardware comparator after comparing the target unique identifier with the local unique identifier bit by bit. It includes two states: a consistency signal and a difference signal.
[0086] After the encryption chip reads the raw binary data of the directed command packet from the receive buffer, it first uses the internally preset terminal private key to perform asymmetric decryption on the second ciphertext in the directed command packet, thus restoring the symmetric session key. This terminal private key is physically programmed into a one-time programmable memory during the terminal's manufacturing process, and the storage area is set to a state where external reading is prohibited; it can only be directly accessed by the encryption chip's internal decryption engine.
[0087] Subsequently, the encryption chip invokes its internal hardware symmetric decryption engine to perform symmetric decryption and integrity verification on the first ciphertext using the recovered symmetric session key. If the AES-GCM algorithm is used, the authentication tag is verified simultaneously to confirm that the ciphertext packet has not been tampered with during transmission. Upon successful decryption, plaintext data containing the target's unique identifier, status instructions, and a timestamp is obtained.
[0088] The encryption chip sends the decrypted target unique identifier to a hardware comparator, which compares it bit by bit with the local unique identifier pre-stored in the one-time programmable memory. Since the hardware comparator is directly connected to the read circuit of the one-time programmable memory, the comparison process is a pure hardware logic level comparison, without transmission through the encryption chip's internal data bus, and does not occupy processor instruction cycles.
[0089] The encryption chip verifies the validity of the timestamp obtained through decryption. Internally, the encryption chip has an independent clock source and non-volatile memory to record the updated timestamp of the last valid instruction after each successful verification.
[0090] The encryption chip determines the hardware-level verification result based on the hardware comparison result and the timestamp validity verification result. In other words, by completely converging the security verification of the instruction inside the encryption chip, the identity comparison is made unbypassable by using the direct circuit connection of the hardware comparator, and the timestamp dual verification mechanism is used to defend against replay attacks, thus forming a hardware-level security decision core that is completely isolated from the terminal's main CPU.
[0091] In one implementation, determining the hardware-level verification result based on the hardware comparison result and the timestamp validity verification result includes:
[0092] When the hardware comparison result is consistent and the timestamp validity verification result is valid, the hardware-level verification result is verification passed;
[0093] When the hardware comparison result is inconsistent and / or the timestamp validity verification result is invalid, the hardware-level verification result is verification failure.
[0094] In one embodiment, after obtaining the hardware comparison result and the timestamp validity verification result, the encryption chip comprehensively judges the two sub-results through internal combinational logic circuits or a state machine. When the hardware comparison result signal is consistent and the timestamp validity verification result signal is valid, the combinational logic outputs a verification pass signal, which triggers the subsequent state switching execution process. When the hardware comparison result signal is inconsistent, the combinational logic outputs a verification fail signal regardless of whether the timestamp verification result is valid. When the timestamp validity verification result signal is invalid, the combinational logic also outputs a verification fail signal regardless of whether the hardware comparison results are consistent.
[0095] For example, if the target terminal receives a targeted command packet and its unique identifier is matched bit-by-bit with the local unique identifier, and the timestamp is verified to be greater than the timestamp of the last valid instruction and within the allowable range of deviation from the independent clock source, then the hardware comparison is consistent and the timestamp is valid, and the encryption chip determines that the verification has passed. Alternatively, if a non-target terminal receives a targeted command packet, and after decryption, the target unique identifier differs from the local unique identifier by any number of bits, the hardware comparator outputs a difference signal. In this case, regardless of the timestamp verification result, the encryption chip determines that the verification has failed. Or, if an attacker intercepts a historically valid command packet and replays it to the target terminal at a later time, the hardware comparison result is consistent, but the timestamp is deemed invalid because it is less than or equal to the timestamp of the last valid instruction, and the encryption chip determines that the verification has failed. Alternatively, if an attacker tampers with the timestamp field, causing its deviation from the encryption chip's internal independent clock source to exceed the allowable range, even if the hardware comparison result is consistent, the encryption chip still determines that the verification has failed because the timestamp is invalid.
[0096] By combining authentication and timeliness verification with computation through combinational logic, it is ensured that verification can only pass when the terminal identity matches and the instruction has not been replayed or the time information has been tampered with. Failure of any single dimension of security verification will result in the overall verification failing, thus achieving the technical effect of improving the security of targeted instruction execution.
[0097] In one implementation, a hardware comparator is used to perform a hardware comparison of the target unique identifier to obtain a hardware comparison result, including:
[0098] The target unique identifier is fed into the hardware comparator and compared bit by bit with the local unique identifier inside the encryption chip.
[0099] If all bit levels are consistent, the hardware comparator outputs a consistency signal, and the hardware comparison result is a hardware comparison match.
[0100] If any bit level is inconsistent, the hardware comparator outputs a difference signal, and the hardware comparison result is a hardware comparison inconsistency.
[0101] In one embodiment, bit-by-bit level comparison refers to the operation in which the hardware comparator compares the level signal corresponding to each bit of the target unique identifier with the level signal corresponding to the bit of the local unique identifier one-to-one, with the comparison unit being a single binary bit.
[0102] After decrypting the targeted command packet and obtaining the target's unique identifier, the encryption chip sends the target's unique identifier to the first input group of the hardware comparator in parallel or serial mode. The second input group of the hardware comparator is directly connected to the local unique identifier read signal line of the primary programmable memory, which transmits the bit level of the local unique identifier stored in the primary programmable memory to the hardware comparator in real time.
[0103] The hardware comparator is internally composed of multiple XOR gate circuits and one AND gate circuit. Each bit corresponds to a set of XOR gates. The two inputs of the XOR gates are respectively connected to the corresponding bit signals of the target unique identifier and the local unique identifier.
[0104] When the two input signal levels of a certain bit are the same, the XOR gate outputs a low level; when the levels are different, the XOR gate outputs a high level. The output signals of all XOR gates are combined and connected to a single AND gate circuit, which performs a logical AND operation on the XOR results of each path.
[0105] If all XOR gates output low, the AND gate outputs a match signal, indicating that all bits of the two identifiers are completely matched, and the hardware comparison result is consistent. If any one or more XOR gates output high, the AND gate outputs a difference signal, indicating that at least one bit of the two identifiers is mismatched, and the hardware comparison result is inconsistent.
[0106] Because the hardware comparator and the one-time programmable memory read circuit are directly connected by a physical connection, the intermediate signals and the final result signals generated during the comparison process are only transmitted within the hardware comparator, without being connected to the internal data bus of the encryption chip, nor passing through the instruction execution pipeline of the processor core.
[0107] In one implementation, the target unique identifier is timestamped to obtain the timestamp validity verification result, including:
[0108] Read the timestamp of the last valid instruction recorded in the non-volatile memory inside the encryption chip;
[0109] Compare the timestamp corresponding to the target unique identifier with the timestamp of the last valid instruction. If the timestamp corresponding to the target unique identifier is less than or equal to the timestamp of the last valid instruction, the timestamp validity check result is that the timestamp is invalid.
[0110] If the absolute value of the deviation between the timestamp corresponding to the target unique identifier and the current reference time provided by the independent clock source inside the encryption chip exceeds a preset time threshold, the timestamp validity verification result is that the timestamp is invalid.
[0111] Preferably, after completing the hardware comparison and obtaining a consistent result, the encryption chip proceeds to the timestamp validity verification stage. The encryption chip first accesses a designated address area in its internal non-volatile memory and reads the timestamp of the last valid instruction saved during the previous successful verification. Then, the encryption chip compares the timestamp value in the currently decrypted targeted command packet with this historical record value. If the current timestamp is less than or equal to the historical record value, it indicates that the command packet is highly likely a copy and replay of a previously valid instruction by an attacker. The encryption chip's internal verification logic immediately invalidates the timestamp validity verification result and terminates the subsequent verification process.
[0112] If the current timestamp is greater than the historical value, the encryption chip will further calculate the deviation between the current timestamp and the current reference time provided by the internal independent clock source. The deviation calculation method is to take the absolute value of the difference between the two.
[0113] If the absolute value exceeds the preset time threshold, it indicates that the password packet experienced an abnormal delay during transmission, or that the timestamp field was maliciously tampered with. The encryption chip will also invalidate the timestamp validity verification result.
[0114] In other words, the encryption chip only determines the timestamp validity check result as valid when the current timestamp is significantly greater than the historical record value and the absolute value of the deviation from the reference time does not exceed a preset time threshold. Through a dual time verification mechanism—comparing with historical records to defend against replay attacks and comparing with a reference time to defend against time tampering and abnormal delays—it ensures that each directed instruction is accepted and executed only once within its valid time window, providing crucial security for hardware-level verification from a time perspective.
[0115] If the hardware-level verification result is successful, the encryption chip outputs a hardware control signal to perform a state switch.
[0116] If the hardware-level verification result is that the verification fails, the hardware error counter is triggered to accumulate and the targeted password packet is discarded. The accumulated result of the hardware error counter is counted. When the accumulated result is greater than or equal to a preset threshold, the chip self-locking is triggered. When the accumulated result is less than the preset threshold, the current processing ends.
[0117] In one implementation, if the hardware-level verification result is a verification failure, a hardware error counter is incremented and the targeted password packet is discarded. The incremented hardware error counter is then counted. When the incremented result is greater than or equal to a preset threshold, a chip self-locking is triggered. When the incremented result is less than the preset threshold, the current processing ends. This includes:
[0118] When the accumulated result of the hardware error counter reaches a preset threshold, the fuse control circuit inside the encryption chip generates a fuse current pulse, changing the internal programming fuse bit from the on state to the off state, irreversibly disabling the reading path of the preset terminal private key and triggering the chip self-locking.
[0119] In one implementation, the hardware error counter is stored in a non-volatile memory unit inside the encryption chip, and the count value remains unchanged after the terminal is powered off and then powered on again.
[0120] Specifically, the preset threshold refers to the upper limit of the hardware error counter set by the encryption chip during the factory or initialization stage, such as 10 times. This value determines the triggering condition of the chip's self-locking mechanism.
[0121] Once the encryption chip concludes that the verification has passed based on the combined hardware comparison and timestamp validity verification results, the internal output unit controller of the encryption chip generates a corresponding hardware control signal on a designated output pin according to the status command obtained through decryption. This hardware control signal is directly connected to a function enable pin on the terminal motherboard via a dedicated signal trace independent of the terminal's main CPU. For example, it could be connected to the enable pin of the power management unit to enable or disable the terminal's overall wake-up or sleep mode, to the mute control pin of the audio power amplifier to enable or disable audio output, or to the power enable pin of the RF receiver module to control the signal reception function. The generation and transmission path of the hardware control signal reside entirely within the encryption chip and its dedicated output circuit, without passing through any general-purpose input / output pins or bus interfaces of the terminal's main CPU.
[0122] When the encryption chip concludes that the verification failed, its internal hardware error counter automatically increments by one unit, and the incremented value is written to a non-volatile memory unit for storage. Simultaneously, the encryption chip triggers its internal clearing circuit, writing all the original data of the targeted command packet stored in the receive buffer to zero, resetting the intermediate register values generated during decryption to their initial state, and resetting the instruction processing state machine to an idle state, thus completely discarding the targeted command packet.
[0123] The hardware error counter continuously increments with each verification failure. Because the count is stored in non-volatile memory, even if an attacker attempts to reset the counter to zero by repeatedly powering down and restarting the terminal, the count will remain incremented and continue counting. When the accumulated count of the hardware error counter reaches a preset threshold, the fuse control circuit inside the encryption chip is activated. This circuit generates a transient fuse current pulse and applies it to the internal programming fuse bit.
[0124] Under the action of a current pulse, the fuse bit changes from a conducting state to an open circuit state, physically disconnecting the reading path of the terminal's private key from the one-time programmable memory to the internal decryption engine. Due to the irreversible nature of the fuse structure, this open state cannot be restored after power failure, thus the encryption chip enters a permanently self-locking state, losing the ability to decrypt and verify any subsequent directed encryption packets. This achieves the technical effect of improving the long-term secure operation capability of broadcast terminals in unidirectional channel environments.
[0125] The above description is merely a preferred embodiment of the present invention, but the scope of protection of the present invention is not limited thereto. Any variations or substitutions that can be easily conceived by those skilled in the art within the scope of the technology disclosed in the present invention should be included within the scope of protection of the present invention. Therefore, the scope of protection of the present invention should be determined by the scope of the claims.
[0126] The foregoing description of specific exemplary embodiments of the invention is for illustrative and explanatory purposes. These descriptions are not intended to limit the invention to the precise forms disclosed, and it will be apparent that many changes and variations can be made in accordance with the foregoing teachings. The exemplary embodiments were chosen and described in order to explain the specific principles of the invention and its practical application, thereby enabling those skilled in the art to implement and utilize various different exemplary embodiments of the invention, as well as various different choices and variations. The scope of the invention is intended to be defined by the claims and their equivalents.
Claims
1. A method for secure execution of directional instructions in a broadcast terminal based on a hardware encryption chip, characterized in that, The method includes: On the server side, a layered encryption strategy is used to construct a targeted password packet based on the information of the target terminal; The targeted password packet is broadcast through a broadcast channel. After receiving the targeted password packet, the terminal's main CPU performs type identification and transparent transmission of the targeted password packet, and writes the original data of the targeted password packet into an encryption chip. The encryption chip is set independently of the terminal's main CPU. The encryption chip is used to perform hardware-level verification on the targeted password packet to obtain a hardware-level verification result. If the hardware-level verification result is successful, the encryption chip outputs a hardware control signal to perform a state switch. If the hardware-level verification result is that the verification fails, the hardware error counter is triggered to accumulate and the targeted password packet is discarded. The accumulated result of the hardware error counter is counted. When the accumulated result is greater than or equal to a preset threshold, the chip self-locking is triggered. When the accumulated result is less than the preset threshold, the current processing ends.
2. The secure execution method for broadcast terminal directional instructions based on a hardware encryption chip as described in claim 1, characterized in that, On the server side, a layered encryption strategy is used to construct a targeted password packet based on the target terminal's information, including: Extract the target unique identifier from the information of the target terminal, and concatenate the target unique identifier, the status instruction to be executed, and the current timestamp according to a preset format to obtain plaintext instruction data; Generate a random symmetric session key, and call a symmetric encryption algorithm to encrypt the plaintext instruction data using the symmetric session key to obtain the first ciphertext; The symmetric session key is encrypted using a pre-set public key in the target terminal by calling an asymmetric encryption algorithm to obtain the second ciphertext; The first ciphertext and the second ciphertext are combined to obtain the directed command packet.
3. The secure execution method for broadcast terminal directional instructions based on a hardware encryption chip as described in claim 2, characterized in that, The symmetric encryption algorithm is the AES-GCM algorithm; The first ciphertext contains an authentication tag generated using the AES-GCM algorithm; The asymmetric encryption algorithm is one of the SM2 algorithm, RSA algorithm, or ECC algorithm.
4. The secure execution method for broadcast terminal directional instructions based on a hardware encryption chip as described in claim 1, characterized in that, The encryption chip is internally equipped with a one-time programmable memory and a hardware comparator. The one-time programmable memory is implemented using a fuse structure or an antifuse structure, and the hardware comparator is directly connected to the read circuit of the one-time programmable memory. The targeted password packet is decrypted using a pre-set terminal private key to obtain the target's unique identifier. The target unique identifier is compared using a hardware comparator to obtain the hardware comparison result. Perform timestamp validity verification on the target's unique identifier and obtain the timestamp validity verification result; The hardware-level verification result is determined based on the hardware comparison results and the timestamp validity verification results.
5. The secure execution method for broadcast terminal directional instructions based on a hardware encryption chip as described in claim 4, characterized in that, Based on the hardware comparison results and timestamp validity verification results, the hardware-level verification results are determined, including: When the hardware comparison result is consistent and the timestamp validity verification result is valid, the hardware-level verification result is verification passed; When the hardware comparison result is inconsistent and / or the timestamp validity verification result is invalid, the hardware-level verification result is verification failure.
6. The secure execution method for broadcast terminal directional instructions based on a hardware encryption chip as described in claim 4, characterized in that, The target unique identifier is compared using a hardware comparator to obtain the hardware comparison result, including: The target unique identifier is fed into the hardware comparator and compared bit by bit with the local unique identifier inside the encryption chip. If all bit levels are consistent, the hardware comparator outputs a consistency signal, and the hardware comparison result is a hardware comparison match. If any bit level is inconsistent, the hardware comparator outputs a difference signal, and the hardware comparison result is a hardware comparison inconsistency.
7. The secure execution method for broadcast terminal directional instructions based on a hardware encryption chip as described in claim 4, characterized in that, Perform timestamp validity verification on the target unique identifier and obtain the timestamp validity verification result, including: Read the timestamp of the last valid instruction recorded in the non-volatile memory inside the encryption chip; Compare the timestamp corresponding to the target unique identifier with the timestamp of the last valid instruction. If the timestamp corresponding to the target unique identifier is less than or equal to the timestamp of the last valid instruction, the timestamp validity check result is that the timestamp is invalid. If the absolute value of the deviation between the timestamp corresponding to the target unique identifier and the current reference time provided by the independent clock source inside the encryption chip exceeds a preset time threshold, the timestamp validity verification result is that the timestamp is invalid.
8. The secure execution method for broadcast terminal directional instructions based on a hardware encryption chip as described in claim 1, characterized in that, The targeted password packet is broadcast through a broadcast channel. After receiving the targeted password packet, the terminal's main CPU performs type identification and transparent transmission of the targeted password packet, and writes the original data of the targeted password packet into the encryption chip, including: After receiving the targeted password packet, the secure communication module on the terminal side transmits the targeted password packet to the terminal's main CPU; The terminal's main CPU identifies the header identifier of the targeted command packet, determines that the data packet type is a targeted command packet, and then writes the original binary data of the targeted command packet completely into the receiving buffer of the encryption chip via the SPI bus, I2C bus, or UART bus. During the transparent transmission process, the terminal's main CPU does not perform parsing, decryption, or verification operations on the payload field of the directional command packet.
9. The secure execution method for broadcast terminal directional instructions based on a hardware encryption chip as described in claim 1, characterized in that, If the hardware-level verification result is a verification failure, the hardware error counter is incremented and the targeted password packet is discarded. The incremented result of the hardware error counter is then calculated. When the incremented result is greater than or equal to a preset threshold, the chip self-locking is triggered. When the incremented result is less than the preset threshold, the current processing ends. This includes: When the accumulated result of the hardware error counter reaches a preset threshold, the fuse control circuit inside the encryption chip generates a fuse current pulse, changing the internal programming fuse bit from the on state to the off state, irreversibly disabling the reading path of the preset terminal private key and triggering the chip self-locking.
10. The secure execution method for broadcast terminal directional instructions based on a hardware encryption chip as described in claim 9, characterized in that, The hardware error counter is stored in a non-volatile memory unit inside the encryption chip, and the count value remains unchanged after the terminal is powered off and then powered on again.