基于THD89的智能密码钥匙设计与实现

doi:10.3969/j.issn.1671-1122.2021.09.006

信息网络安全 ›› 2021, Vol. 21 ›› Issue (9): 40-45.doi: 10.3969/j.issn.1671-1122.2021.09.006

基于THD89的智能密码钥匙设计与实现

江皓臻¹^,², 江苾菲¹^,²(), 贺朗月¹^,², 单亦伟¹^,²

1.中国科学院信息工程研究所信息安全国家重点实验室,北京 100195
2.中国科学院大学网络空间安全学院,北京 100195

收稿日期:2021-04-26 出版日期:2021-09-10 发布日期:2021-09-22
通讯作者: 江苾菲 E-mail:jiangbifei@iie.ac.cn
作者简介:江皓臻（1996—）,男,浙江,硕士研究生,主要研究方向为密钥保护|江苾菲（1997—）,女,湖南,硕士研究生,主要研究方向为信息安全|贺朗月（1996—）,女,湖北,硕士研究生,主要研究方向为用户行为认证|单亦伟（1989—）,男,辽宁,工程师,硕士,主要研究方向为信息保护技术
基金资助:
国家自然科学基金(61902398)

Design and Implementation of Smart Token Based on THD89

JIANG Haozhen¹^,², JIANG Bifei¹^,²(), HE Langyue¹^,², SHAN Yiwei¹^,²

1. State Key Laboratory of Information Security, Institute of Information Engineering, Chinese Academy of Sciences, Beijing 100195, China
2. School of Cyber Security, University of Chinese Academy of Sciences, Beijing 100195, China

Received:2021-04-26 Online:2021-09-10 Published:2021-09-22
Contact: JIANG Bifei E-mail:jiangbifei@iie.ac.cn

摘要/Abstract

摘要：

智能密码钥匙是一种结合了现代密码学技术和智能卡技术的终端密码产品,可以为信息安全基础设施提供密钥的安全存储和密码的计算服务,广泛应用于身份认证、隐私保护和金融交易。现有的智能密码钥匙存在使用的安全芯片等级较低、访问控制设计较简单、密码运算性能较低等问题,限制了智能密码钥匙的应用与发展。目前,我国国产密码标准的推广和智能密码钥匙相关的技术标准、测试标准趋于完善。文章采用通过了国际SOGIS CC EAL6+认证的紫光同芯THD89安全芯片,根据相关标准设计并实现了符合国家标准、算法齐备、高效安全的智能密码钥匙。

关键词: 智能密码钥匙, 安全芯片, 国产密码算法

Abstract:

The smart token is a terminal cryptographic product that combines cryptography and smart card technology. It can provide secure storage of keys and cryptographic computing services for information security infrastructure. It is widely used in identity authentication, privacy protection and financial transactions. The existing smart token have problems such as low level security, simple access control design, and low cryptographic performance, which restrict the application and development of smart token. According to relevant national standards and based on the THD89 security chip which has passed the international SOGIS CC EAL6+ certification, this paper designed and implemented a smart token with complete SM algorithms and high efficiency as well as high security.

Key words: smart token, secure chip, domestic cryptographic algorithm

中图分类号:

TP309

江皓臻, 江苾菲, 贺朗月, 单亦伟. 基于THD89的智能密码钥匙设计与实现[J]. 信息网络安全, 2021, 21(9): 40-45.

JIANG Haozhen, JIANG Bifei, HE Langyue, SHAN Yiwei. Design and Implementation of Smart Token Based on THD89[J]. Netinfo Security, 2021, 21(9): 40-45.

图/表 11

图1

图2

图3

图4

图5

图6

表1

表2

表3

表4

表5

参考文献 14

[1]	RANKL W, EFFING W. Smart Card Handbook[M]. New York: Wiley Press, 2004.
[2]	ZHANG Yinbing, LIU Nannan, ZHANG Li. Authentiation Technology Overview[J] Computer Knowledge and Technology, 2011, 7(9), 2014-2016.
	张引兵, 刘楠楠, 张力. 身份认证技术综述[J]. 电脑知识与技术, 2011, 7(9),2014-2016.
[3]	GM/T 0016-2012 Smart Token Cryptography Application Interface Specification[S]. Beijing: State Cryptography Administration, 2012.
	GM/T 0016-2012 智能密码钥匙密码应用接口规范[S].北京：国家密码管理局, 2012.
[4]	CORDONNIER V M. Smart Cards: Present and Future Applications and Techniques[J]. Electronics & Communication Engineering Journal, 1991, 3(5): 207-212.
[5]	WANG Lina, TANG Chuan, XU Jing. Analysis on the Development Trends of Future Chip[J]. World Sci-Tech R&D, 2020, 42(1): 47-56.
	王立娜, 唐川, 徐婧. 未来芯片技术发展态势分析[J]. 世界科技研究与发展, 2020, 42(1): 47-56.
[6]	SHAO Xudong. The Research of Access and Control Technology of USB Key[D]. Shanghai: Shanghai Jiao Tong University, 2008.
	邵旭东. USB 智能密码钥匙访问控制技术研究[D]. 上海:上海交通大学, 2008.
[7]	YUN M, BU Y. Research on the Architecture and Key Technology of Internet of Things (IoT) Applied on Smart Grid [C]//IEEE. 2010 International Conference on Advances in Energy Engineering, June 19-20, Beijing, China. NJ: IEEE, 2010: 69-72.
[8]	GM/T 0017-2012 Smart Token Cryptography Application Interface Data Format Specification[S]. Beijing: State Cryptography Administration, 2012.
	GM/T 0017-2012 智能密码钥匙密码应用接口数据格式规范[S]. 北京：国家密码管理局, 2012.
[9]	GM/T 0027-2014 Technique Requirements for Smart Token[S]. Beijing: State Cryptography Administration, 2014.
	GM/T 0027-2014 智能密码钥匙技术规范[S]. 北京：国家密码管理局, 2014.
[10]	FENG Dengguo, QIN Yu, WANG Dan, et al. Research on Trusted Computing Technology[J]. Journal of Computer Research and Development, 2011, 48(8): 1332-1349.
	冯登国, 秦宇, 汪丹, 等. 可信计算技术研究[J]. 计算机研究与发展, 2011, 48(8): 1332-1349.
[11]	IT House. Ziguang: The Security Chip THD89 Has Obtained the World Highest Level Certification[EB/OL]. https://www.ithome.com/0/495/550.htm, 2020-07-10.
	IT 之家. 紫光:安全芯片 THD89 获全球最高等级认证[EB/OL]. https://www.ithome.com/0/495/550.htm, 2020-07-10.
[12]	LI Guojun, WANG Hongxian. Information Security Evaluation and EAL4+ Test for Smart Card Products[J]. Tracks for Standard & Technology, 2008, 10(1): 23-26.
	李国俊, 王鸿娴. 信息安全评估与智能卡产品 EAL4 +测评[J]. 信息技术与标准化, 2008, 10(1): 23-26.
[13]	BEZ R, PIROVANO A. Non-volatile Memory Technologies: Emerging Concepts and New Materials[J]. Materials Science in Semiconductor Processing, 2004, 7(4-6): 349-355. doi: 10.1016/j.mssp.2004.09.127 URL
[14]	XU Junwu, XIE Fang. Developing Smart Card Application with PC/SC [C]//IEEE. 2011 International Conference on Internet Computing and Information Services, September 17-18, 2011, Hong Kong, China. NJ: IEEE, 2011: 286-289.

算法名称	本文方案/ms	GM/T 0027-2014/ms
SM2密钥对生成	30.8	< 5000
SM2数字签名	21.7	< 1000
SM2签名验证	30.0	< 1000

算法名称	本文方案/kbps	文献[9]方案/kbps
SM4加密	26.04	> 2
SM4解密	26.76	> 2

算法名称	本文方案/kbps	文献[9]方案/kbps
SM3	74.13	> 2
SHA-1	74.63	> 2
SHA-256	73.91	> 2

算法名称	THD89实现/ms	THD86实现/ms
SM2密钥对生成	30.8	74.6
SM2数字签名	21.7	89.1
SM2签名验证	3.00	13.91

基于THD89的智能密码钥匙设计与实现

Design and Implementation of Smart Token Based on THD89

RichHTML

PDF (PC)

可视化

摘要/Abstract

引用本文

使用本文

图/表 11

参考文献 14

相关文章 1

编辑推荐

Metrics

本文评价