31 results about "Bus encryption" patented technology

A universal serial bus (USB) dongle device includes a first wireless millimeter wave transceiver that receives an inbound RF signal, that generates inbound data based on the inbound RF signal, that receives outbound data and that generates an outbound RF signal in response thereto. An antenna is coupled to transmit the outbound RF signal and to receive the inbound RF signal. A USB interface communicates the inbound data to the host device and receives the outbound data from the host device.

A copy protection (CP) key used by a sending source, such as a POD, to encrypt content such as audio and/or video information is derived by a first key generator associated with a first processor and is locally encrypted by the first processor using a locally generated bus encryption key to produce a bus encrypted CP key that is sent over a local unsecure bus to a second processor, such as a graphics processor. The second processor decrypts the bus encrypted copy key using a decryption engine to obtain the CP key. The second processor receives the encrypted content and in one embodiment, also uses the same decryption engine to decrypt the encrypted content. The first and second processors locally exchange public keys to each locally derive a bus encryption key used to encrypt the CP key before it is sent over the unsecure bus and decrypt the encrypted CP key after it is sent over the bus. The locally exchanged public keys are shorter in length than those used between the CPU and POD to produce the original CP key.

The invention provides a vehicle CAN bus encryption method. The method comprises the following steps: firstly performing IMMO authentication on T-box, wherein the T-box sends a message to a gateway through a bus CAN under the condition that the IMMO authentication is passed; performing hardware encryption and decryption on the message sent by the T-box through a HSM of the T-box and the HSM of thegateway, wherein the a message counter is arranged on the T-box to count the sent message, and the gateway detects the message counter; judging that the message is legal when the message conforms tothe set rule, and decrypting the message when the message is legal, and then sending the decrypted message to other CAN branches of the vehicle. The vehicle CAN bus encryption method provided by the invention has the advantages that the triple encryption method of IMMO authentication, the HSM hardware encryption and the message counter judgment is applied by adopting the way of combining the software encryption and hardware encryption, the security of the vehicle CAN bus is greatly improved, the Hacker intrusion is prevented, and the travelling security is improved.

The invention relates to the technical field of system security, and especially relates to a hierarchical bus encryption system. The system is used for solving the problems that data transmission of a security module and an ordinary module is not physically isolated and buses are not utilized reasonably and fully according to the security of each module. The system comprises at least two buses of a first bus and a second bus, an encryption and decryption system corresponding to each bus, at least one signal processing module corresponding to each bus, and a bus converter coupled between the first bus and the second bus. Through adoption of the system provided by the embodiment of the invention, the data transmitted on the buses is encrypted data, even through an attacker obtains the bus data through a probe attack, a secret key is difficult to break, and the anti-attack capability of the system can be improved.

An apparatus and method of controlling power of a Universal Serial Bus (USB) dongle are provided. The method includes detecting power consumption of the USB dongle when the USB dongle is connected with an apparatus to perform a communication function, determining whether the detected power consumption is equal to or greater than a maximum power, and lowering a data throughput when the detected power consumption is equal to or greater than the maximum power.

A random number generator includes a plurality of memory cells arranged in a series, a feedback processor for generating a feedback signal and for feeding the feedback signal into one of the memory cells, and a random number outputter formed to combine states of a group of at least two memory cells to obtain an output sequence. Sequences strongly differing from one another, the number of which is greater than the number of memory cells, can be generated by generating several output sequences AF₀, AF₁, AF₂, . . . , AF_k by combining states of different memory cells such that a safe and efficient bus encryption is achievable.

The invention discloses a circuit system security protection chip. The chip comprises interface input and output logic, a dual-port RAM, internal data input and output logic, an encryption algorithm module, an interface control module, an internal register bank, a voltage detection module, a frequency detection module, a chip tamper-proofing module, a bus encryption module and a hardware 3DES algorithm coprocessor, wherein the control module is in bidirectional connection with the internal data input and output logic, the encryption algorithm module, the internal register bank and a DMA controller, and signals flow in two directions; the signal input end of the control module is connected with the signal output end of the interface input and output logic; the voltage detection module is used for resisting attacks by high and low voltages; the frequency detection module is used for resisting attacks by high and low frequencies; the chip tamper-proofing module is used for designing a unique serial number of the chip; the bus encryption module is provided with a metallic shield protective layer and used for self-destruction of internal data after external attacks are detected. Operation of the encryption chip and input of external data can be basically performed at the same time, and high speed of data flow read-write in a DMA burst read-write mode can be fully utilized to increase the data encryption and decryption speed of the chip.

The invention discloses a data security protection method for a computer, which establishes a safe storage space for storing user data and controls the access authority of the safe storage space; the safe storage space is a protected partition isolated from other spaces on a hard disk , it is only allowed to be operated through the underlying unified extensible firmware interface UEFI; the method of sector-level read-write interception combined with the universal serial bus dongle USB‑KEY or software identity authentication is used to realize the encryption of hard disk data. The invention encrypts and decrypts the sent instructions and important user data information in the safe storage space of the hard disk multiple times, and issues a trusted authorization certificate between the sending and receiving parties of the instructions to perform legality authentication, effectively avoiding hacker interception software interception In addition, the present invention is easy to use and can control the reading and writing of data in the designated area, so that users can implement diversified protection schemes for different data according to their own needs.

In order to solve the problem that a CAN bus encryption mode is easy to crack in the prior art, the invention provides a CAN bus encryption method for encrypting data by using an encryption algorithm.The method is characterized in that the following steps: performing SM3 algorithm operation on original data to generate a hash value; extracting a plurality of bits of data from the hash value, combining the data with the original data to form 128 bits of combined data, and performing SM4 algorithm operation on the combined data to encrypt the combined data; finally, realizing the decryption ofSM3 and SM4 algorithms on the FPGA platform, and completing the data interaction between software and hardware by utilizing an AXI bus. The encryption system is constructed by adopting SM3 and SM4 password symmetric encryption and decryption algorithms, an encryption method is provided for bus data, information verification can also be realized, and the security, reliability and anti-cracking capability of CAN bus data are improved.

Data storage system (1) comprises: an optical disc (2) having a storage space (3) for receiving sectors of data; a disc drive (10), suitable for writing information to the disc; a host (20), capable of cooperating with the drive; the host being designed to send to said drive a write encrypted sector command WESC(EKI) for commanding said drive to write one or more bus-encrypted sectors to said disc, WESC(EKI) including an encryption key identifier EKI; the drive being designed, in response to receiving said WESC(EKI), to evaluate the value of EKI, and, if the value of EKI indicates a bus-encrypted user data portion (32E), to decrypt this user data portion, to generate a header portion (31) with bus encryption information BEI, to combine this header portion with the decrypted user sector portion (32) to make a data sector (30), and to write the data sector (30) to the disc.

The invention discloses an address XOR based data bus encryption method. A bus encryption key after XOR is obtained by performing XOR operation on each bit of the bus encryption key with a certain bit or multiple bits of a memory address bus. Cryptograph data is obtained by performing XOR on the bus encryption key after address XOR with memory plaintext data. XOR keys corresponding to plaintext data in each address are different, and thus attackers cannot restore plaintexts easily by reckoning the keys through analyzing the cryptograph data. The method provided by the invention can fend off physical attacks of memory data, effectively improve the system security and also substantially improves the computation speed.

The present invention provides data encryption for a differential bus employing transitional coding. The present invention maps, encodes and encrypts input data as a logic status for a given bus transfer cycle. The mapping, encoding and encrypting of the input data changes from bus transfer cycle to bus transfer cycle. The mapping, encoding and encrypting is a function of a pseudo-random number. A logic status is differentially transmitted from a bus transmitter to a bus receiver, to be mapped, decrypted and decoded as the corresponding output data.

The invention provides a CAN bus encryption method and device, engineering machinery and a storage medium. The CAN bus encryption method comprises the following steps: acquiring a first fixed key and a random code generated by a CAN main control node; generating a second fixed secret key matched with the CAN node according to the first fixed secret key and a preset node parameter of the CAN node; generating a first data frame secret key matched with the CAN node according to the random code and the second fixed secret key; and encrypting a data frame to be sent by the CAN node according to the first data frame secret key. The invention has the beneficial effect that the security after data encryption can be improved under the condition of ensuring the running speed of the CAN node.

The embodiment of the invention discloses a controller local area network bus encryption method and device, equipment and a medium. The method comprises the following steps: determining a key of a message to be sent corresponding to a controller area network (CAN) bus, and sending the key to a receiving end through the CAN bus; and encrypting the message to be sent according to the key to obtain an encrypted message, and sending the encrypted message to the receiving end through the CAN bus, so that the receiving end decrypts the received encrypted message according to the key. According to the technical scheme provided by the embodiment of the invention, through interaction between the sending end and the receiving end, CAN bus encryption can be simply and quickly realized, the to-be-sent message corresponding to the CAN bus does not need to be processed, and the network load and the burden of a processor are reduced.

The present disclosure relates to devices and methods for protecting data from physical attacks. The devices and methods may establish an encryption protocol to encrypt data transmitted over a bus to one or more removable devices in communication with a computer device. The devices and methods may use the encryption protocol to communicate with the removal devices and perform storage requests at the removal devices. The devices and methods may also perform another layer of encryption on the data stored at the removal devices using a data at rest key stored on the removal devices.