+

CN117480503A - A chip safe startup method and chip - Google Patents

A chip safe startup method and chip Download PDF

Info

Publication number
CN117480503A
CN117480503A CN202180099358.2A CN202180099358A CN117480503A CN 117480503 A CN117480503 A CN 117480503A CN 202180099358 A CN202180099358 A CN 202180099358A CN 117480503 A CN117480503 A CN 117480503A
Authority
CN
China
Prior art keywords
key
chip
starting
starting stage
startup
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202180099358.2A
Other languages
Chinese (zh)
Inventor
王博
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Huawei Technologies Co Ltd
Original Assignee
Huawei Technologies Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Huawei Technologies Co Ltd filed Critical Huawei Technologies Co Ltd
Publication of CN117480503A publication Critical patent/CN117480503A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/57Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • General Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The application provides a chip safety starting method and a chip, wherein the chip comprises a secret key generation module and a processing module; the key generation module is used for generating a first key corresponding to the first starting stage; the first starting stage is any one of a plurality of starting stages of the chip; the first key is different from a key corresponding to a second starting stage, and the second starting stage is one starting stage except the first starting stage in a plurality of starting stages; the processing module is used for decrypting the first encrypted file according to the first key in the first starting stage to obtain a first image file, and starting the first image file; the first encrypted file is encrypted using a first key. The chip provided by the embodiment of the application can generate the secret key in real time in the chip starting process without pre-storing the secret key, so that the secret key is prevented from being revealed; meanwhile, the same key is not used for decryption in all starting stages, so that the safety of starting the chip is improved.

Description

一种芯片安全启动方法及芯片A chip safe startup method and chip 技术领域Technical field

本申请涉及信息技术领域,尤其涉及一种芯片安全启动方法及芯片。The present application relates to the field of information technology, and in particular to a chip secure startup method and chip.

背景技术Background technique

芯片启动过程包括多个启动阶段,如终端设备上的系统芯片在终端设备启动过程中,系统芯片需要经过多个启动阶段,例如,终端设备上的系统芯片的启动过程包括ONCHIPROM、FASHBOOT、TEEOS等启动阶段。在芯片启动过程中每个启动阶段均需要启动镜像文件。为保证镜像文件的安全性,生产厂家在生产芯片时,通常会将加密的镜像文件存储到芯片中,因此在芯片启动过程中,在启动镜像文件之前,需要先对加密的镜像文件进行解密。The chip startup process includes multiple startup stages. For example, the system chip on the terminal device needs to go through multiple startup stages. For example, the startup process of the system chip on the terminal device includes ONCHIPROM, FASHBOOT, TEEOS, etc. startup phase. During the chip startup process, a startup image file is required for each startup stage. In order to ensure the security of the image file, manufacturers usually store encrypted image files in the chip when producing chips. Therefore, during the chip startup process, the encrypted image file needs to be decrypted before starting the image file.

目前较为常见的芯片启动方法为:将密钥预先存储到芯片内,在芯片启动阶段读取密钥并对加密后的镜像文件解密。在该方法中,芯片的多个启动阶段中的多个镜像文件对应的均为一个固定的密钥,但在芯片启动阶段均使用相同密钥对所有镜像文件进行解密的方法安全性较低,一旦密钥泄露,则会导致所有镜像文件被解密,造成安全隐患。At present, the more common chip startup method is to store the key in the chip in advance, read the key and decrypt the encrypted image file during the chip startup phase. In this method, multiple image files in the multiple startup phases of the chip correspond to a fixed key, but the method of using the same key to decrypt all image files in the chip startup phase is less secure. Once the key is leaked, all image files will be decrypted, causing security risks.

发明内容Contents of the invention

本申请提供一种芯片安全启动方法及芯片,用于提高芯片启动过程的安全性。This application provides a chip secure startup method and chip, which are used to improve the security of the chip startup process.

第一方面,本申请实施例提供一种芯片,该芯片包括密钥生成模块和处理模块;其中,密钥生成模块,用于生成第一启动阶段对应的第一密钥;所述第一启动阶段为所述芯片多个启动阶段中的任一个启动阶段;所述第一密钥与第二启动阶段对应的密钥不同,所述第二启动阶段为所述多个启动阶段中的除所述第一启动阶段以外的一个启动阶段;处理模块,用于在第一启动阶段内,根据第一密钥对第一加密文件进行解密处理,得到第一镜像文件,启动第一镜像文件,其中,第一加密文件是使用第一密钥进行加密的。In a first aspect, embodiments of the present application provide a chip, which includes a key generation module and a processing module; wherein the key generation module is used to generate a first key corresponding to the first startup phase; the first startup The stage is any startup stage among the multiple startup stages of the chip; the first key is different from the key corresponding to the second startup stage, and the second startup stage is any startup stage among the multiple startup stages. A startup phase other than the first startup phase; a processing module, configured to decrypt the first encrypted file according to the first key in the first startup phase, obtain the first image file, and start the first image file, wherein , the first encrypted file is encrypted using the first key.

如此,本申请实施例提供的芯片可以在芯片启动过程,生成每个启动阶段用于加密文件进行解密的密钥,且至少两个启动阶段对应的密钥不用,从而在芯片启动时实时生成密钥而无需将密钥预先存储,防止密钥泄露;同时,所有启动阶段不再使用同一个密钥进行解密,进一步提高芯片启动的安全性。In this way, the chip provided by the embodiment of the present application can generate a key for decrypting the encrypted file in each startup stage during the chip startup process, and the keys corresponding to at least two startup stages are not used, thereby generating the key in real time when the chip starts. The key does not need to be stored in advance to prevent key leakage; at the same time, the same key is no longer used for decryption in all startup stages, further improving the security of chip startup.

在一个可能的设计中,所述密钥生成模块具体用于:确定所述第一启动阶段对应的第一密钥参数,所述第一密钥参数与所述第二启动阶段对应的密钥参数不同;根据所述第一密钥参数,生成所述第一密钥。In one possible design, the key generation module is specifically configured to: determine the first key parameter corresponding to the first startup phase, and the first key parameter is the same as the key corresponding to the second startup phase. The parameters are different; the first key is generated according to the first key parameter.

通过该设计,芯片在生成第一启动阶段的第一密钥时,首先生成第一启动阶段对应的第一密钥参数,至少两个启动阶段对应的密钥参数不同,从而可以保证,在根据密钥参数生成密钥后,至少两个启动阶段对应的密钥不同,提高芯片启动过程的安全性。Through this design, when the chip generates the first key in the first startup phase, it first generates the first key parameters corresponding to the first startup phase. At least the key parameters corresponding to the two startup phases are different, which can ensure that according to the After the key parameters are generated, at least the keys corresponding to the two startup stages are different, which improves the security of the chip startup process.

在一个可能的设计中,所述密钥生成模块具体用于:根据第一运算规则对所述第一密钥参数与所述芯片的芯片参数进行运算,得到所述第一密钥。In a possible design, the key generation module is specifically configured to perform an operation on the first key parameter and the chip parameter of the chip according to a first operation rule to obtain the first key.

在一个可能的设计中,所述芯片参数包括以下内容中的至少一项:用于指示所述芯片 使用周期的生命周期;用于指示所述芯片生产厂家的公钥哈希值;所述芯片的应用厂家标识;所述芯片的应用设备标识;所述芯片包含的寄存器的寄存器标识。In a possible design, the chip parameters include at least one of the following: a life cycle used to indicate the use cycle of the chip; a public key hash value used to indicate the chip manufacturer; the chip The application manufacturer identification; the application equipment identification of the chip; the register identification of the registers contained in the chip.

通过以上设备,芯片在根据第一密钥参数生成第一密钥时,将芯片的第一密钥参数与芯片参数进行运算,得到第一密钥,其中芯片参数可以包含生命周期、公钥哈希值、应用厂家标识和应用产品标识等,从而可以灵活设置芯片参数的内容,保证在芯片的不同使用阶段或芯片应用于不同厂家或产品时,芯片对应的密钥不同,进一步保证了芯片的安全使用。Through the above equipment, when the chip generates the first key according to the first key parameters, it calculates the first key parameters of the chip and the chip parameters to obtain the first key, where the chip parameters can include the life cycle, public key and hash rate. Greek value, application manufacturer identification and application product identification, etc., so that the content of the chip parameters can be flexibly set, ensuring that the keys corresponding to the chip are different during different stages of use of the chip or when the chip is used in different manufacturers or products, further ensuring the reliability of the chip. Safe to use.

在一个可能的设计中,所述密钥生成模块具体用于:当所述第一启动阶段为所述多个启动阶段中首个启动阶段时,根据预配置的初始值和第二运算规则生成所述第一密钥参数;或者当所述第一启动阶段为所述多个启动阶段中除首个启动阶段以外的启动阶段时,根据所述第一启动阶段的前一启动阶段对应的密钥参数和第三运算规则,生成所述第一密钥参数。In a possible design, the key generation module is specifically configured to: when the first startup phase is the first startup phase among the multiple startup phases, generate a key according to a preconfigured initial value and a second operation rule. The first key parameter; or when the first startup phase is a startup phase other than the first startup phase among the multiple startup phases, the key parameter corresponding to the previous startup phase of the first startup phase. key parameters and the third operation rule to generate the first key parameters.

通过该设计,芯片在启动过程包含的多个启动阶段生成密钥参数时,可以根据预配置的初始值生成首个启动阶段的密钥参数,以及对于除首个启动阶段之外的其它启动阶段,可以根据前一启动阶段的密钥参数生成该启动阶段的密钥参数,从而能够得到不同的启动阶段对应的不同密钥参数。Through this design, when the chip generates key parameters in multiple startup phases included in the startup process, it can generate key parameters for the first startup phase based on the preconfigured initial values, and for other startup phases except the first startup phase , the key parameters of this startup phase can be generated based on the key parameters of the previous startup phase, so that different key parameters corresponding to different startup phases can be obtained.

在一个可能的设计中,所述处理模块还用于:在启动所述第一镜像文件之后,将所述第一密钥处理为无效密钥;In a possible design, the processing module is further configured to: after starting the first image file, process the first key into an invalid key;

所述密钥生成模块还用于:在所述多个启动阶段结束后,在所述第一启动阶段需要重新启动时,根据预配置的目标密钥参数重新确定所述第一启动阶段对应的所述第一密钥;The key generation module is also configured to: after the multiple startup phases are completed, when the first startup phase needs to be restarted, re-determine the key corresponding to the first startup phase according to the preconfigured target key parameters. the first key;

所述处理模块还用于:根据所述第一密钥对所述第一加密文件进行解密处理,得到所述第一镜像文件;重新启动所述第一镜像文件。The processing module is further configured to: decrypt the first encrypted file according to the first key to obtain the first image file; and restart the first image file.

通过该设计,在启动第一镜像文件后,将第一密钥处理为无效密钥,防止第一密钥被泄露。当多个启动阶段结束后,若第一启动阶段需要重新启动时,根据预配置的目标密钥参数重新确定第一密钥,从而在个别启动阶段需要重新启动时,无需重复启动整个芯片,在保证芯片安全启动的基础上节省开销。Through this design, after starting the first image file, the first key is processed as an invalid key to prevent the first key from being leaked. After multiple startup phases are completed, if the first startup phase needs to be restarted, the first key will be re-determined based on the preconfigured target key parameters, so that when individual startup phases need to be restarted, there is no need to restart the entire chip. Save costs while ensuring safe startup of the chip.

第二方面,本申请实施例提供了一种芯片安全启动方法,该方法包括:In the second aspect, embodiments of the present application provide a chip secure startup method, which method includes:

生成第一启动阶段对应的第一密钥;其中,所述第一启动阶段为所述芯片多个启动阶段中的任一个启动阶段;所述第一密钥与第二启动阶段对应的密钥不同,所述第二启动阶段为所述多个启动阶段中的除所述第一启动阶段以外的一个启动阶段;在所述第一启动阶段内,根据所述第一密钥对第一加密文件进行解密处理,得到第一镜像文件;启动所述第一镜像文件;其中,所述第一加密文件是使用所述第一密钥进行加密的。Generate a first key corresponding to the first startup phase; wherein the first startup phase is any startup phase among multiple startup phases of the chip; the first key and the key corresponding to the second startup phase Differently, the second startup phase is a startup phase among the plurality of startup phases except the first startup phase; in the first startup phase, the first encryption key is encrypted according to the first key. The file is decrypted to obtain a first image file; the first image file is started; wherein the first encrypted file is encrypted using the first key.

在一个可能的设计中,所述生成第一启动阶段对应的第一密钥,包括:确定所述第一启动阶段对应的第一密钥参数,所述第一密钥参数与所述第二启动阶段对应的密钥参数不同;根据所述第一密钥参数,生成所述第一密钥。In a possible design, generating a first key corresponding to the first startup phase includes: determining a first key parameter corresponding to the first startup phase, and the first key parameter is consistent with the second key parameter. Key parameters corresponding to the startup phase are different; the first key is generated according to the first key parameter.

在一个可能的设计中,所述根据所述第一密钥参数,生成所述第一密钥,包括:根据第一运算规则对所述第一密钥参数与所述芯片的芯片参数进行运算,得到所述第一密钥。In a possible design, generating the first key according to the first key parameter includes: performing an operation on the first key parameter and the chip parameter of the chip according to a first operation rule. , obtain the first key.

在一个可能的设计中,所述确定所述第一启动阶段对应的第一密钥参数,包括:当所述第一启动阶段为所述多个启动阶段中首个启动阶段时,根据预配置的初始值和第二运算规则生成所述第一密钥参数;或者当所述第一启动阶段为所述多个启动阶段中除首个启动 阶段以外的启动阶段时,根据所述第一启动阶段的前一启动阶段对应的密钥参数和第三运算规则,生成所述第一密钥参数。In one possible design, determining the first key parameter corresponding to the first startup phase includes: when the first startup phase is the first startup phase among the multiple startup phases, according to the preconfiguration The initial value and the second operation rule generate the first key parameter; or when the first startup phase is a startup phase other than the first startup phase among the multiple startup phases, according to the first startup phase The first key parameters are generated using the key parameters corresponding to the previous startup stage and the third operation rule.

在一个可能的设计中,所述芯片参数包括以下内容中的至少一项:用于指示所述芯片使用周期的生命周期;用于指示所述芯片生产厂家的公钥哈希值;所述芯片的应用厂家标识;所述芯片的应用设备标识;所述芯片包含的寄存器的标识。In a possible design, the chip parameters include at least one of the following: a life cycle used to indicate the use cycle of the chip; a public key hash value used to indicate the chip manufacturer; the chip The application manufacturer identification; the application equipment identification of the chip; and the identification of the registers contained in the chip.

在一个可能的设计中,在启动所述第一镜像文件之后,所述方法还包括:将所述第一密钥处理为无效密钥;In a possible design, after starting the first image file, the method further includes: processing the first key as an invalid key;

在所述多个启动阶段结束后,所述方法还包括:在所述第一启动阶段需要重新启动时,根据预配置的目标密钥参数重新确定所述第一启动阶段对应的所述第一密钥;根据所述第一密钥对所述第一加密文件进行解密处理,得到所述第一镜像文件;重新启动所述第一镜像文件。After the multiple startup phases are completed, the method further includes: when the first startup phase needs to be restarted, re-determine the first key corresponding to the first startup phase according to the preconfigured target key parameters. Key; decrypt the first encrypted file according to the first key to obtain the first image file; restart the first image file.

第三方面,本申请实施例提供一种计算机可读存储介质,包括指令,当其在计算机上运行时,使得计算机执行如上述第二方面的任一种可能的设计所述的方法。In a third aspect, embodiments of the present application provide a computer-readable storage medium that includes instructions that, when run on a computer, cause the computer to perform the method described in any possible design of the second aspect.

第四方面,本申请实施例提供一种计算机程序产品,当其在计算机上运行时,使得计算机执行如上述第二方面的任一种可能的设计所述的方法。In a fourth aspect, embodiments of the present application provide a computer program product that, when run on a computer, causes the computer to execute the method described in any possible design of the second aspect.

附图说明Description of the drawings

图1为一种示例性的芯片结构示意图;Figure 1 is a schematic diagram of an exemplary chip structure;

图2为本申请实施例提供的一种芯片的结构示意图;Figure 2 is a schematic structural diagram of a chip provided by an embodiment of the present application;

图3为本申请实施例提供的又一种芯片的结构示意图;Figure 3 is a schematic structural diagram of another chip provided by an embodiment of the present application;

图4为本申请实施例提供的一种密钥参数生成模块的结构示意图;Figure 4 is a schematic structural diagram of a key parameter generation module provided by an embodiment of the present application;

图5为本申请实施例提供的一种芯片安全启动方法的流程图。Figure 5 is a flow chart of a chip secure startup method provided by an embodiment of the present application.

具体实施方式Detailed ways

为了方便理解本申请实施例,下面介绍与本申请实施例相关的术语:In order to facilitate understanding of the embodiments of the present application, terminology related to the embodiments of the present application is introduced below:

(1)镜像文件,是一种与rar或zip压缩文件类似的文件,将特定的一系列文件按照一定的格式制作成单一的文件,供用户下载使用,比如操作系统镜像、游戏镜像,镜像文件可以被特定软件识别并刻录到光盘上。(1) An image file is a file similar to a rar or zip compressed file. A specific series of files are made into a single file in a certain format for users to download and use, such as operating system images, game images, and image files. Can be recognized by specific software and burned to disc.

系统镜像文件包含操作系统文件、引导文件、分区表信息等,用于系统的安装和修复,系统镜像文件可以理解成是对整个系统安装光盘所有数据的克隆文件,比如微软原版系统,也可以是操作系统分区的备份文件,比如ghost系统镜像,一般镜像文件后缀名大多为.iso。The system image file contains operating system files, boot files, partition table information, etc., and is used for system installation and repair. The system image file can be understood as a clone file of all the data on the entire system installation CD, such as the original Microsoft system, or it can be Backup files of operating system partitions, such as ghost system images, generally the suffix of image files is .iso.

(2)生命周期,芯片的生命周期可以用于指示芯片的使用周期,例如生命周期可以指示芯片当前处于测试阶段或应用阶段,其中测试阶段为芯片生产后测试芯片性能的阶段,应用阶段为芯片投入电子设备应用的阶段。(2) Life cycle. The life cycle of the chip can be used to indicate the use cycle of the chip. For example, the life cycle can indicate that the chip is currently in the testing phase or the application phase. The testing phase is the phase where the performance of the chip is tested after the chip is produced. The application phase is the chip Enter the stage of application of electronic equipment.

芯片是一种集成电路的半导体元件,广泛应用于各类智能设备,如智能终端设备、智能家居设备、智能车等。芯片通常由多个知识产权(intellectual property,IP)核组成,多个IP核通过总线与存储器连接,从而进行程序和数据的交互。每个IP核可以视为一个预先设计好的电路功能模块,用于实现相应功能。其中,IP核可以是中央处理器(central processing unit,CPU)、应用处理器(application processor,AP)、图形处理器(graphics processing unit,GPU)、多媒体子系统(video subsystem)、相机子系统(camera subsystem)、无线接入模块(modem)、显示子系统(display subsystem)等。A chip is a semiconductor component of an integrated circuit, which is widely used in various types of smart devices, such as smart terminal devices, smart home devices, smart cars, etc. A chip is usually composed of multiple intellectual property (IP) cores. Multiple IP cores are connected to the memory through a bus to interact with programs and data. Each IP core can be regarded as a pre-designed circuit function module used to implement corresponding functions. Among them, the IP core can be a central processing unit (CPU), an application processor (AP), a graphics processing unit (GPU), a multimedia subsystem (video subsystem), a camera subsystem ( camera subsystem), wireless access module (modem), display subsystem (display subsystem), etc.

示例性的,一种芯片的结构可以如图1所示。在图1中,CPU、多媒体子系统、相机子系统、显示子系统、GPU和无线接入模块通过总线与存储器连接。By way of example, the structure of a chip can be shown in Figure 1 . In Figure 1, the CPU, multimedia subsystem, camera subsystem, display subsystem, GPU and wireless access module are connected to the memory through the bus.

通过图1可以看出,芯片中包括多个IP核,芯片需要经过多个启动阶段,才能够完成芯片的启动过程,如终端设备上的系统芯片的启动过程包括ONCHIPROM、FASHBOOT、TEEOS等启动阶段。在芯片启动过程中每个启动阶段均需要启动镜像文件,为保证镜像文件的安全性,生产厂家在生产芯片时,通常会将加密的镜像文件存储到芯片中,例如将加密的镜像文件存储到图1所示的存储器中,因此在芯片启动过程中,在启动镜像文件之前,需要先对加密的镜像文件进行解密。As can be seen from Figure 1, the chip includes multiple IP cores, and the chip needs to go through multiple startup stages before it can complete the chip startup process. For example, the startup process of the system chip on the terminal device includes ONCHIPROM, FASHBOOT, TEEOS and other startup stages. . During the chip startup process, an image file needs to be started at each startup stage. In order to ensure the security of the image file, manufacturers usually store the encrypted image file in the chip when producing the chip. For example, the encrypted image file is stored in In the memory shown in Figure 1, therefore during the chip startup process, the encrypted image file needs to be decrypted before starting the image file.

目前较为常见的芯片启动方法为:将密钥预先存储到芯片内,如将密钥存储到图1所示的存储器中,在芯片启动阶段读取密钥并对加密后的镜像文件解密。以一种系统芯片的启动方法为例,在芯片加密阶段,将固定密钥烧写入系统芯片,并熔断系统芯片的可编程熔丝,从而将固定密钥存储到系统芯片中。在系统芯片启动阶段,读取存储的固定密钥,根据固定密钥对多个加密文件解密,得到多个镜像文件,启动多个镜像文件从而完成芯片的启动过程。在该方法中,芯片的多个启动阶段中的多个加密文件对应的均为一组相同的固定密钥,但在芯片启动阶段均使用相同密钥对所有加密文件进行解密的方法安全性较低,一旦密钥泄露,则会导致所有加密文件被解密,造成安全隐患。At present, the more common chip startup method is to store the key in the chip in advance, such as storing the key in the memory shown in Figure 1, reading the key and decrypting the encrypted image file during the chip startup phase. Taking a system chip startup method as an example, during the chip encryption stage, a fixed key is burned into the system chip and the programmable fuse of the system chip is blown, thereby storing the fixed key into the system chip. During the startup phase of the system chip, the stored fixed key is read, multiple encrypted files are decrypted according to the fixed key, multiple image files are obtained, and multiple image files are started to complete the chip startup process. In this method, multiple encrypted files in the multiple startup phases of the chip all correspond to a set of the same fixed keys. However, the method of using the same key to decrypt all encrypted files in the chip startup phase is more secure. Low, once the key is leaked, all encrypted files will be decrypted, causing security risks.

基于上述问题,本申请实施例提供一种芯片安全启动方法及芯片,在芯片的多个启动阶段中,生成用于对加密文件进行解密的密钥,不同的启动阶段对应的密钥可以不同,从而保证芯片启动过程的安全性。Based on the above problems, embodiments of the present application provide a chip secure startup method and chip. In multiple startup phases of the chip, keys for decrypting encrypted files are generated. The keys corresponding to different startup phases can be different. This ensures the security of the chip startup process.

本申请实施例可以适用于多种可能的场景,如在芯片测试阶段或芯片应用阶段,均可以采用本申请实施例提供的芯片安全启动方法。可选地,可以在芯片的设计阶段,在芯片中增加密钥生成模块,或为芯片现有模块如CPU增加密钥生成功能以作为密钥生成模块,该密钥生成模块用于在芯片测试或芯片应用时芯片的多个启动阶段中,生成用于对加密文件进行解密的密钥,其中不同启动阶段的密钥可以不同,从而无需将密钥存储至芯片内也可以在芯片启动过程中生成密钥,能够对加密文件解密的同时保证芯片启动的安全性。The embodiments of the present application can be applied to a variety of possible scenarios. For example, in the chip testing phase or the chip application phase, the chip secure startup method provided by the embodiments of the present application can be used. Optionally, a key generation module can be added to the chip during the chip design phase, or a key generation function can be added to an existing chip module such as the CPU as a key generation module. The key generation module is used for chip testing. Or during the chip application, the key used to decrypt the encrypted file is generated during the multiple startup stages of the chip. The keys in different startup stages can be different, so that the key does not need to be stored in the chip and can also be used during the chip startup process. Generating a key can decrypt encrypted files while ensuring the security of chip startup.

通过上述介绍可知,芯片启动过程包含多个启动阶段,下面以芯片的第一启动阶段为例,对本申请实施例提供的芯片启动方法进行进一步介绍,其中,第一启动阶段为芯片多个启动阶段中的任一个启动阶段;。It can be seen from the above introduction that the chip startup process includes multiple startup stages. The following takes the first startup stage of the chip as an example to further introduce the chip startup method provided by the embodiment of the present application. The first startup stage is the multiple startup stages of the chip. any startup phase;.

图2为本申请实施例提供的一种芯片的结构示意图,参考图2,该芯片可以包括密钥生成模块以及处理模块。FIG. 2 is a schematic structural diagram of a chip provided by an embodiment of the present application. Referring to FIG. 2 , the chip may include a key generation module and a processing module.

密钥生成模块,用于生成第一启动阶段对应的第一密钥;第一密钥与第二启动阶段对应的密钥不同,第二启动阶段为多个启动阶段中的除第一启动阶段以外的一个启动阶段;A key generation module, used to generate a first key corresponding to the first startup phase; the first key is different from the key corresponding to the second startup phase, and the second startup phase is the first startup phase among multiple startup phases. A start-up stage other than;

处理模块,用于在第一启动阶段内,根据第一密钥对第一加密文件进行解密处理,得到第一镜像文件;启动第一镜像文件;其中,第一加密文件是使用第一密钥进行加密的。A processing module configured to decrypt the first encrypted file according to the first key during the first startup phase to obtain the first image file; start the first image file; wherein the first encrypted file is generated using the first key Encrypted.

芯片的任一个启动阶段内需要启动该启动阶段对应的镜像文件,例如,芯片的多媒体子系统启动阶段内需要启动音频镜像文件以及视频镜像文件等。在第一启动阶段,需要对第一加密文件进行解密以得到第一启动阶段内需启动的镜像文件,其中,在芯片加密阶段, 第一加密文件是使用第一密钥进行加密后,保存到芯片中的。因此,在第一启动阶段,需要生成第一密钥,以对第一加密文件进行解密。In any startup phase of the chip, the image file corresponding to the startup phase needs to be started. For example, the audio image file and video image file need to be started in the startup phase of the multimedia subsystem of the chip. In the first startup stage, the first encrypted file needs to be decrypted to obtain the image file that needs to be started in the first startup stage. In the chip encryption stage, the first encrypted file is encrypted using the first key and then saved to the chip. middle. Therefore, during the first startup phase, a first key needs to be generated to decrypt the first encrypted file.

需要说明的是,本申请实施例提供的芯片安全启动方法中,不同启动阶段内需要进行解密的加密文件对应的密钥可以相同也可以不同,但至少有两个启动阶段对应的密钥不同。具体来说,第一启动阶段对应的第一密钥与第二启动阶段对应的密钥不同,其中第二启动阶段可以为芯片的多个启动阶段中除第一启动阶段以外的一个启动阶段,也就是说,本申请实施例提供的芯片安全启动方法中,并不是采用一个固定的密钥对所有启动阶段内需要启动的镜像文件进行加密,从而提高安全性。It should be noted that in the chip secure startup method provided by the embodiment of the present application, the keys corresponding to the encrypted files that need to be decrypted in different startup stages can be the same or different, but at least two startup stages have different keys. Specifically, the first key corresponding to the first startup phase is different from the key corresponding to the second startup phase, where the second startup phase may be one of the multiple startup phases of the chip other than the first startup phase, That is to say, in the chip secure startup method provided by the embodiment of the present application, a fixed key is not used to encrypt all image files that need to be started during the startup phase, thereby improving security.

一种可选的实施方式中,在芯片加密阶段,对于保密级别较高的多个镜像文件,可以分别采用不同的密钥进行加密,而对于保密级别较低的多个镜像文件,可以使用相同的密钥进行加密。具体实施中,可以根据芯片需要加密的镜像文件以及芯片各个启动阶段的启动时间等需求,灵活使用密钥对镜像文件进行加密。In an optional implementation, during the chip encryption stage, different keys can be used to encrypt multiple image files with higher confidentiality levels, while the same key can be used for multiple image files with lower confidentiality levels. key for encryption. In specific implementation, the key can be flexibly used to encrypt the image file according to the image file that needs to be encrypted by the chip and the startup time of each startup stage of the chip.

下面对本申请实施例提供的芯片安全启动方法中,芯片中的密钥生成模块生成第一密钥的方式进行介绍:The following is an introduction to the way in which the key generation module in the chip generates the first key in the chip secure startup method provided by the embodiment of the present application:

密钥生成模块生成第一启动阶段对应的第一密钥参数,该第一密钥参数用于构成第一密钥,不同的密钥参数可以构成不同的密钥,进而可以通过生成不同的密钥参数以得到不同的密钥。The key generation module generates the first key parameters corresponding to the first startup phase. The first key parameters are used to constitute the first key. Different key parameters can constitute different keys, and further, different keys can be generated by key parameters to get different keys.

可选地,当第一启动阶段为多个启动阶段中首个启动阶段时,根据预配置的初始值和第二运算规则生成第一密钥参数,其中,预配置的初始值可以为在生产芯片时存储到芯片中的。例如,假设预配置的初始值为001,假设第二运算规则为累加运算,累加值为1,则第一密钥参数为010。Optionally, when the first startup phase is the first startup phase among multiple startup phases, the first key parameter is generated according to the preconfigured initial value and the second operation rule, where the preconfigured initial value may be The chip is stored in the chip. For example, assume that the preconfigured initial value is 001, assume that the second operation rule is an accumulation operation, and the accumulation value is 1, then the first key parameter is 010.

当第一启动阶段为多个启动阶段中除首个启动阶段以外的启动阶段时,根据第一启动阶段的前一启动阶段对应的密钥参数和第三运算规则,生成第一密钥参数。例如,假设第一启动阶段的前一启动阶段对应的密钥参数为100,第三运算规则为累加运算,累加值为1,则第一密钥参数为101。When the first startup phase is a startup phase other than the first startup phase among the multiple startup phases, the first key parameter is generated according to the key parameter corresponding to the previous startup phase of the first startup phase and the third operation rule. For example, assume that the key parameter corresponding to the previous startup phase of the first startup phase is 100, the third operation rule is an accumulation operation, and the accumulated value is 1, then the first key parameter is 101.

需要说明的是,第二运算规则与第三运算规则可以相同,例如第二运算规则和第三运算规则均为累加运算,但根据第二运算规则和第三运算规则计算得到的多个密钥参数中不存在相同的密钥参数。It should be noted that the second operation rule and the third operation rule may be the same. For example, the second operation rule and the third operation rule are both accumulation operations, but multiple keys calculated according to the second operation rule and the third operation rule The same key parameter does not exist in the parameters.

以第二运算规则和第三运算规则且均为设定运算规则为例,对本申请实施例中密钥生成模块在生成密钥参数的方式进行进一步介绍:密钥生成模块可以根据预配置的初始值以及设定运算规则,生成至少一个密钥参数。可选地,预配置的初始值可以在芯片生产时烧写到芯片的固定缓存中,以防止该初始值被篡改,例如,将预配置的初始值烧写到一次性可编程存储器(EFUSE)中。需要注意的是,为保证生成的至少一个密钥参数均不同,设定运算规则为一个不可逆的单向计算的运算规则,例如,设定运算规则可以为累加运算、累减运算、指数运算等,但设定运算规则不能为累加运算和累减运算交替进行的运算规则,因此,根据本申请实施例提供的芯片安全启动方法生成的密钥参数也可以称为不可逆因子,也就是在生成密钥参数的过程中,不会生成两个相同的密钥参数,密钥参数的生成过程是不可逆的。Taking the second operation rule and the third operation rule, both of which are set operation rules, as an example, the method of generating key parameters by the key generation module in the embodiment of the present application is further introduced: the key generation module can be based on the preconfigured initial value and set operation rules to generate at least one key parameter. Optionally, the preconfigured initial value can be programmed into the chip's fixed cache when the chip is produced to prevent the initial value from being tampered with, for example, by programming the preconfigured initial value into one-time programmable memory (EFUSE). middle. It should be noted that, in order to ensure that at least one key parameter generated is different, the operation rule is set to be an irreversible one-way calculation operation rule. For example, the set operation rule can be accumulation operation, accumulation subtraction operation, exponential operation, etc. , but the set operation rule cannot be an operation rule in which accumulation operation and accumulation operation are alternately performed. Therefore, the key parameter generated according to the chip secure startup method provided by the embodiment of the present application can also be called an irreversible factor, that is, when generating the key During the process of generating key parameters, no two identical key parameters will be generated, and the generation process of key parameters is irreversible.

举例来说,密钥生成模块中的一个32位寄存器可以用于生成密钥参数,假设预配置的初始值为0x00000001,设定运算规则为累加运算,累加值为1,则在芯片的多个启动阶 段中,该寄存器使能一次,能够得到一个密钥参数,如生成的第一个密钥参数为0x00000002,第二个密钥参数为0x00000003…….以此类推,该寄存器能够支持生成的最后一个密钥参数为0xFFFFFFFF,也就是说,为保证生成的任意两个密钥参数不同,该寄存器在累加得到0xFFFFFFFF后不支持翻转。For example, a 32-bit register in the key generation module can be used to generate key parameters. Assume that the preconfigured initial value is 0x00000001, the operation rule is set to accumulation operation, and the accumulation value is 1. During the startup phase, this register is enabled once and a key parameter can be obtained. For example, the first key parameter generated is 0x00000002, the second key parameter is 0x00000003... and so on. This register can support the generated key parameter. The last key parameter is 0xFFFFFFFF, that is, to ensure that any two generated key parameters are different, this register does not support flipping after accumulating to 0xFFFFFFFF.

可选地,密钥生成模块在得到第一密钥参数后,可以根据第一运算规则对第一密钥参数和芯片参数进行运算,得到第一密钥。其中,第一运算规则例如可以为比特拼接运算、移位运算以及移位运算与比特拼接运算的结合。可选的,对第一密钥参数和芯片参数进行运算时,可以对第一密钥参数和芯片参数的全部字段进行运算,也可以对第一密钥参数和芯片参数的部分字段进行运算,以得到密钥参数。Optionally, after obtaining the first key parameter, the key generation module may perform an operation on the first key parameter and the chip parameter according to the first operation rule to obtain the first key. The first operation rule may be, for example, a bit splicing operation, a shift operation, or a combination of a shift operation and a bit splicing operation. Optionally, when performing operations on the first key parameters and chip parameters, operations may be performed on all fields of the first key parameters and chip parameters, or operations may be performed on part of the fields of the first key parameters and chip parameters. to get the key parameters.

例如,当第一运算规则为比特拼接运算时,假设第一密钥参数占用32bits,芯片参数占用16bits,则对第一密钥参数和芯片参数进行比特拼接处理后,可以得到一个48bits的第一密钥。For example, when the first operation rule is a bit splicing operation, assuming that the first key parameter occupies 32 bits and the chip parameter occupies 16 bits, then after bit splicing the first key parameter and the chip parameter, a 48-bit first key.

又例如,当第一运算规则为移位运算与比特拼接运算结合时,可以对第一密钥参数移位设定位数后,再对移位后的第一密钥参数与芯片参数进行比特拼接。For another example, when the first operation rule is a combination of a shift operation and a bit splicing operation, the first key parameter can be shifted by a set number of bits, and then the shifted first key parameter and the chip parameter can be bit-processed. Splicing.

可以理解的是,本申请实施例中,根据第一运算规则对多个密钥参数和芯片参数分别进行运算后,得到的多个密钥参数均不同,也就是说,第一运算规则不能够使得不同的密钥参数与芯片参数进行运算后得到相同的密钥参数。以上第一运算规则仅作为示例性描述,凡是能够对不同密钥参数和芯片参数进行运算后,得到不同密钥的运算规则均适用,本申请实施例对此不作限定。It can be understood that in the embodiment of the present application, after the multiple key parameters and chip parameters are respectively calculated according to the first operation rule, the multiple key parameters obtained are all different. That is to say, the first operation rule cannot So that the same key parameters can be obtained after different key parameters and chip parameters are calculated. The above first operation rule is only used as an exemplary description. Any operation rule that can obtain different keys after operation on different key parameters and chip parameters is applicable, and the embodiments of the present application are not limited to this.

需要说明的是,芯片参数可以用于指示芯片的使用周期、生产厂家、应用厂家、应用设备等信息,例如芯片参数可以包括生命周期、公钥哈希值、应用厂家标识(original equipment manufacturer identity document,OEM ID)、应用设备标识(product ID)、寄存器标识中的至少一项,其中,生命周期用于指示芯片当前的使用周期,例如使用周期包括测试阶段和应用阶段,则可以通过生命周期区分芯片的使用周期,从而在芯片的测试阶段和应用阶段使用不同的密钥对镜像文件加密,进一步提高安全性;公钥哈希值可以用于指示芯片的生产厂家;OEM ID可以用于指示芯片应用的厂家;product ID可以用于指示芯片应用的产品;寄存器标识用于指示芯片中包括的寄存器,如寄存器类型、寄存器状态等。实施中,可以通过设置芯片参数的具体内容以生成不同的密钥,使得芯片在不同使用周期、不同生产厂家、不同应用厂家以及不同应用产品时均对应不同的密钥,进一步防止密钥泄露。It should be noted that the chip parameters can be used to indicate the chip's life cycle, manufacturer, application manufacturer, application equipment and other information. For example, the chip parameters can include life cycle, public key hash value, application manufacturer identity document (original equipment manufacturer identity document). , OEM ID), application device identification (product ID), and register identification, where the life cycle is used to indicate the current use cycle of the chip. For example, the use cycle includes the testing phase and the application phase, which can be distinguished by the life cycle. The life cycle of the chip, so that different keys are used to encrypt the image file during the testing phase and application phase of the chip, further improving security; the public key hash value can be used to indicate the manufacturer of the chip; the OEM ID can be used to indicate the chip The manufacturer of the application; product ID can be used to indicate the product of the chip application; register identification is used to indicate the registers included in the chip, such as register type, register status, etc. During implementation, different keys can be generated by setting the specific content of the chip parameters, so that the chips correspond to different keys in different use cycles, different manufacturers, different application manufacturers, and different application products, further preventing key leakage.

密钥生成模块在生成第一密钥后,将第一密钥发送给处理模块,处理模块根据第一密钥对第一加密文件进行解密,得到第一镜像文件。处理模块启动第一镜像文件,从而完成第一启动阶段。After generating the first key, the key generation module sends the first key to the processing module, and the processing module decrypts the first encrypted file according to the first key to obtain the first image file. The processing module starts the first image file, thereby completing the first startup phase.

可以理解的是,通过上述介绍可知,芯片的几个启动阶段对应的镜像文件可以使用相同的密钥进行加密,则处理模块在获取到密钥参数并生成该密钥后,可以分别在以上多个启动阶段中,使用该密钥对每个启动阶段的加密文件进行解密,并启动解密后得到的镜像文件。It can be understood that from the above introduction, the image files corresponding to several startup stages of the chip can be encrypted using the same key. Then, after the processing module obtains the key parameters and generates the key, it can separately In each startup phase, use this key to decrypt the encrypted file in each startup phase, and start the image file obtained after decryption.

可选地,在芯片的一个启动阶段中,可能包含多个子启动阶段,并需要启动多个镜像文件,这多个镜像文件可以对应同一个密钥,也可以对应不同的密钥,也就是说,第一启动阶段可以对应多个密钥,如第一启动阶段对应第一密钥和第二密钥,第一密钥用于对第 一加密文件进行解密得到第一镜像文件,第二密钥用于对第二加密文件进行解密得到第二镜像文件,第一密钥和第二密钥不同。可以理解的是,第二密钥对应的第二密钥参数可以是根据第一密钥参数以及设定运算规则生成的,第二密钥的具体生成方式可以参见上述第一密钥的生成方式实施,重复之处不再赘述。Optionally, a startup phase of the chip may contain multiple sub-boot phases, and multiple image files need to be started. These multiple image files can correspond to the same key or different keys, that is to say , the first startup phase can correspond to multiple keys. For example, the first startup phase corresponds to a first key and a second key. The first key is used to decrypt the first encrypted file to obtain the first image file, and the second key is used to decrypt the first encrypted file to obtain the first image file. The key is used to decrypt the second encrypted file to obtain the second image file, and the first key and the second key are different. It can be understood that the second key parameters corresponding to the second key can be generated according to the first key parameters and the set operation rules. For the specific generation method of the second key, please refer to the above-mentioned generation method of the first key. Implementation, the repetitive parts will not be repeated.

另外,当一个启动阶段中包含的多个子启动阶段,且多个子启动阶段需要启动相同的镜像文件时,可以在芯片生产阶段,将该镜像文件对应的密钥参数存储到芯片中。在芯片启动过程进行到该启动阶段时,在多个子启动阶段内,根据预配置的密钥参数生成密钥,根据该密钥对加密文件解密,得到镜像文件,并启动该镜像文件。In addition, when a startup phase contains multiple sub-boot phases, and the multiple sub-boot phases need to start the same image file, the key parameters corresponding to the image file can be stored in the chip during the chip production phase. When the chip startup process reaches this startup stage, in multiple sub-start stages, a key is generated according to the preconfigured key parameters, the encrypted file is decrypted according to the key, an image file is obtained, and the image file is started.

本申请实施例一种可能的实施例中,为保证防止密钥泄露,在芯片的每个启动阶段中,启动镜像文件后,将该启动阶段对应的密钥处理为无效密钥,例如,删除密钥或将密钥的所有比特位置0或置1,使得密钥无法再次被使用,进一步保证芯片启动的安全性。In a possible embodiment of this application, in order to prevent key leakage, in each startup phase of the chip, after starting the image file, the key corresponding to the startup phase is processed as an invalid key, for example, deleted The key may set all bit positions of the key to 0 or 1 so that the key cannot be used again, further ensuring the security of chip startup.

可选地,本申请实施例中芯片启动过程的多个阶段并不可逆,例如,假设芯片启动过程包括三个启动阶段(启动阶段A、启动阶段B和启动阶段C),在启动阶段B结束后,只能进入启动阶段C,而不能再次进入启动阶段A和启动阶段B。可以理解的是,通过前述内容可知,每个启动阶段完成后,该启动阶段对应密钥会被处理为无效密钥,也就是说,即使强制重新进入在前启动阶段,由于在前启动阶段对应的密钥已无效,这些在前启动阶段的镜像文件并不能被解密出来,也就不能重新启动在前启动阶段。Optionally, the multiple stages of the chip startup process in the embodiment of the present application are not reversible. For example, assume that the chip startup process includes three startup phases (startup phase A, startup phase B, and startup phase C). After startup phase B ends, , can only enter startup phase C, but cannot enter startup phase A and startup phase B again. It can be understood from the foregoing that after each startup phase is completed, the key corresponding to the startup phase will be processed as an invalid key. That is to say, even if the previous startup phase is forcibly re-entered, because the corresponding key in the previous startup phase The key is invalid, these image files in the previous startup phase cannot be decrypted, and the previous startup phase cannot be restarted.

可选地,在芯片的多个启动阶段均完成后,芯片的某些启动阶段可能会需要重新启动,例如芯片的通信模块可能存在频繁的上下电情况,则通信模块对应的启动阶段需要进行频繁的重新启动。当然,当前芯片的多个启动阶段均已完成,某些启动阶段需要重新启动并不代表整个芯片需要重新启动,将芯片应用于智能设备上时,芯片的多个启动阶段完成时,智能设备已完成开机,芯片的某些启动阶段需要进行重新启动,并不需要重新启动该智能设备。假设第一启动阶段为需要在多个启动阶段完成后重新启动的一个启动阶段,在芯片生产过程中,可以将第一启动阶段对应的目标密钥参数存储在芯片的存储器中。在需要对第一启动阶段进行重新启动时,直接读取芯片的存储器以获取目标密钥参数,从而根据目标密钥参数重新生成第一启动阶段对应的第一密钥,根据第一密钥对第一启动阶段对应的第一加密文件进行解密,得到第一镜像文件,重新启动第一镜像文件以完成第一启动阶段的重新启动。Optionally, after multiple startup phases of the chip are completed, some startup phases of the chip may need to be restarted. For example, the communication module of the chip may be powered on and off frequently, and the corresponding startup phase of the communication module needs to be restarted frequently. of restart. Of course, multiple startup phases of the current chip have been completed. The need to restart some startup phases does not mean that the entire chip needs to be restarted. When the chip is applied to a smart device, when the multiple startup phases of the chip are completed, the smart device has After the boot is completed, some startup stages of the chip need to be restarted, and the smart device does not need to be restarted. Assuming that the first startup phase is a startup phase that needs to be restarted after multiple startup phases are completed, during the chip production process, the target key parameters corresponding to the first startup phase can be stored in the memory of the chip. When the first startup phase needs to be restarted, the memory of the chip is directly read to obtain the target key parameters, so as to regenerate the first key corresponding to the first startup phase according to the target key parameters. According to the first key pair The first encrypted file corresponding to the first startup phase is decrypted to obtain the first image file, and the first image file is restarted to complete the restart of the first startup phase.

一种可选的实施方式中,本申请实施例中芯片的密钥生成模块还可以拆分为密钥参数生成模块和运算模块,例如图3为一种芯片的结构示意图,该芯片包括密钥参数生成模块、运算模块、处理模块以及存储模块。In an optional implementation, the key generation module of the chip in the embodiment of the present application can also be split into a key parameter generation module and an operation module. For example, Figure 3 is a schematic structural diagram of a chip. The chip includes a key Parameter generation module, operation module, processing module and storage module.

其中,存储模块可以为闪存存储器(FLASH)或EFUSE等一次性可编程存储器(one time programmable,OTP),或存储模块可以为非易失存储器(non-volatile memory,NVM),存储模块可以用于存储预配置的初始值。Among them, the storage module can be a one-time programmable memory (OTP) such as flash memory (FLASH) or EFUSE, or the storage module can be a non-volatile memory (non-volatile memory, NVM). The storage module can be used for Stores preconfigured initial values.

基于图3所示的芯片结构,本申请实施例提供的一种芯片安全启动方法包括以下步骤,假设芯片启动过程包括N个启动阶段:Based on the chip structure shown in Figure 3, a chip secure startup method provided by the embodiment of the present application includes the following steps. It is assumed that the chip startup process includes N startup stages:

S301:响应启动指令,密钥参数生成模块从存储模块中获取预配置的初始值。S301: In response to the startup command, the key parameter generation module obtains the preconfigured initial value from the storage module.

S302:密钥参数模块根据预配置的初始值以及设定运算规则生成第1个启动阶段对应的密钥参数。S302: The key parameter module generates key parameters corresponding to the first startup phase based on the preconfigured initial value and the set operation rules.

例如,密钥参数生成模块可以为不可逆的单向累加或单向累减的计数器Monotonic,假设密钥参数生成模块为累加计算器,则密钥参数模块在获取到预配置的初始值后,可以计算初始值与累加值的和作为第一个密钥参数。密钥参数生成模块在每使能一次后,对当前值与累加值进行一次求和运算,得到下一个密钥参数。For example, the key parameter generation module can be an irreversible one-way accumulation or one-way decrement counter Monotonic. Assume that the key parameter generation module is an accumulation calculator. After obtaining the preconfigured initial value, the key parameter module can Calculate the sum of the initial value and the accumulated value as the first key parameter. Each time the key parameter generation module is enabled, it performs a summation operation on the current value and the accumulated value to obtain the next key parameter.

S303:密钥参数模块将计算得到的密钥参数发送给运算模块。S303: The key parameter module sends the calculated key parameters to the operation module.

S304:运算模块根据第一运算规则对密钥参数和芯片参数进行运算,得到密钥。S304: The operation module operates on the key parameters and chip parameters according to the first operation rule to obtain the key.

可选地,当第1个启动阶段对应多个密钥时,密钥参数生成模块可以使能多次,得到多个密钥参数,运算模块可以分别对每个密钥参数与芯片参数进行运算,得到多个密钥。Optionally, when the first startup phase corresponds to multiple keys, the key parameter generation module can be enabled multiple times to obtain multiple key parameters, and the operation module can perform calculations on each key parameter and chip parameter respectively. , get multiple keys.

S305:运算模块将密钥发送给处理模块。S305: The computing module sends the key to the processing module.

S306:处理模块根据密钥对第1个启动阶段对应的加密文件进行解密处理,得到镜像文件,并启动该镜像文件。S306: The processing module decrypts the encrypted file corresponding to the first startup stage according to the key, obtains the image file, and starts the image file.

S307:密钥参数模块根据当前值以及设定运算规则生成当前启动阶段对应的密钥参数。S307: The key parameter module generates key parameters corresponding to the current startup stage based on the current value and the set operation rule.

可以理解的是,密钥参数模块中的当前值为密钥参数模块上一次生成的密钥参数。It can be understood that the current value in the key parameter module is the key parameter last generated by the key parameter module.

S308:密钥参数模块将计算得到的密钥参数发送给运算模块。S308: The key parameter module sends the calculated key parameters to the operation module.

S309:运算模块根据第一运算规则对密钥参数和芯片参数进行运算,得到密钥。S309: The operation module operates on the key parameters and chip parameters according to the first operation rule to obtain the key.

S310:运算模块将密钥发送给处理模块。S310: The computing module sends the key to the processing module.

S311:处理模块根据密钥对当前启动阶段对应的加密文件进行解密处理,得到镜像文件,并启动该镜像文件。S311: The processing module decrypts the encrypted file corresponding to the current startup stage according to the key, obtains the image file, and starts the image file.

重复S307~S311直至芯片的N个启动阶段均完成。Repeat S307 to S311 until all N startup phases of the chip are completed.

示例性的,本申请实施例还提供一种密钥参数生成模块的可能的结构,例如图4为一种密钥参数生成模块的示例性的结构示意图,该密钥生成模块包括4个存储器,这4个寄存器分别为:第一寄存器、第二寄存器、第三寄存器以及第四寄存器,下面分别对这4个寄存器的功能进行介绍:Exemplarily, the embodiment of the present application also provides a possible structure of a key parameter generation module. For example, Figure 4 is an exemplary structural schematic diagram of a key parameter generation module. The key generation module includes 4 memories. These four registers are: the first register, the second register, the third register and the fourth register. The functions of these four registers are introduced below:

第二寄存器,为选择寄存器,用于选择第三寄存器或第四寄存器作为输出寄存器,当第二寄存器为0时,第三寄存器作为输出寄存器,第三寄存器生成的密钥参数用于生成密钥;当第二寄存器不为0时,第四寄存器作为输出寄存器,第四寄存器生成的密钥参数用于生成密钥。The second register is a selection register, used to select the third register or the fourth register as the output register. When the second register is 0, the third register serves as the output register, and the key parameters generated by the third register are used to generate the key. ; When the second register is not 0, the fourth register serves as the output register, and the key parameters generated by the fourth register are used to generate the key.

第三寄存器,可以配置为寄存器可支持的任意值。The third register can be configured to any value that the register can support.

第四寄存器,用于根据设定运算规则生成密钥参数,例如,在芯片的首个启动阶段,将预配置的初始值写入第四寄存器,第四寄存器可以根据初始值以及设定运算规则生成首个启动阶段对应的密钥参数。软件配置使能一次,第四寄存器根据设定运算规则对当前值进行一次运算,得到一个密钥参数。The fourth register is used to generate key parameters according to the set operation rules. For example, during the first startup phase of the chip, the preconfigured initial value is written into the fourth register. The fourth register can be based on the initial value and the set operation rules. Generate key parameters corresponding to the first startup phase. Once the software configuration is enabled, the fourth register performs an operation on the current value according to the set operation rules to obtain a key parameter.

第一寄存器,为锁定寄存器,用于在芯片完成多个启动阶段后,对第二寄存器、第三寄存器和第四寄存器进行锁定。例如,写入第一寄存器的Magic值后,第二寄存器钳位为0,也就是选择第三寄存器作为输出寄存器,且第四寄存器不再生成密钥参数。The first register is a lock register, used to lock the second register, the third register and the fourth register after the chip completes multiple startup stages. For example, after writing the Magic value of the first register, the second register is clamped to 0, that is, the third register is selected as the output register, and the fourth register no longer generates key parameters.

一种可选的实施方式中,芯片上电开始启动过程,第二寄存器写入设定非0值,选择第四寄存器作为输出寄存器,将芯片中存储的初始值写入第四寄存器,软件配置使能一次,第四寄存器根据设定运算规则对当前值进行一次运算,得到一个密钥参数,第四寄存器将生成的密钥参数输出,由后续的运算模块根据第一运算规则对密钥参数和芯片参数进行运 算,生成密钥。在芯片的BOOTLOADER阶段,对芯片启动过程中的全部镜像文件进行校验,校验通过后,第一寄存器发起锁定,锁定后第二寄存器钳位成0,此时第四寄存器停止生成密钥参数,且第四寄存器也不再作为输出寄存器。也就是说,在芯片的多个启动阶段结束后,只能通过配置第三寄存器,并将第三寄存器作为输出寄存器的方式生成密钥参数。In an optional implementation, the chip is powered on to start the startup process, the second register is written to set a non-zero value, the fourth register is selected as the output register, the initial value stored in the chip is written into the fourth register, and the software configures When enabled once, the fourth register performs an operation on the current value according to the set operation rules to obtain a key parameter. The fourth register outputs the generated key parameter, and the subsequent operation module calculates the key parameter according to the first operation rule. Perform calculations with chip parameters to generate a key. In the BOOTLOADER stage of the chip, all image files during the startup process of the chip are verified. After the verification passes, the first register initiates a lock. After locking, the second register is clamped to 0. At this time, the fourth register stops generating key parameters. , and the fourth register is no longer used as an output register. That is to say, after the multiple startup phases of the chip are completed, the key parameters can only be generated by configuring the third register and using the third register as an output register.

可选地,图4所示的密钥参数生成模块还能够实现以下两种特殊场景下的密钥参数生成:Optionally, the key parameter generation module shown in Figure 4 can also generate key parameters in the following two special scenarios:

场景1:在芯片的多个启动阶段完成后,第一启动阶段需要进行重新启动。Scenario 1: After the multiple boot phases of the chip are completed, the first boot phase requires a reboot.

其中,第一启动阶段例如为TEEOS阶段。The first startup phase is, for example, the TEEOS phase.

确定第一启动阶段需要重新启动时,从芯片的存储器中获取第一启动阶段对应的目标密钥参数,并将目标密钥参数写入第三寄存器,由于芯片的多个启动阶段完成后,第一寄存器发起锁定,锁定后第二寄存器钳位成0,此时第三寄存器作为输出寄存器,则第三寄存器可以将目标密钥参数输出,由运算模块根据第一运算规则对目标密钥参数和芯片参数进行运算,重新生成第一密钥。处理模块可以根据第一密钥对第一加密文件解密得到第一镜像文件,处理器启动第一镜像文件,完成第一启动阶段的重新启动。When it is determined that the first startup phase needs to be restarted, the target key parameters corresponding to the first startup phase are obtained from the memory of the chip, and the target key parameters are written into the third register. After the multiple startup phases of the chip are completed, the third One register initiates locking, and after locking, the second register is clamped to 0. At this time, the third register serves as the output register, and the third register can output the target key parameters. The operation module calculates the target key parameters and the sum according to the first operation rule. The chip parameters are calculated and the first key is regenerated. The processing module can decrypt the first encrypted file according to the first key to obtain the first image file, and the processor starts the first image file to complete the restart of the first startup phase.

场景2:芯片的一个启动阶段内包含的多个子启动阶段内均需要启动同一个镜像文件。Scenario 2: Multiple sub-boot stages included in one startup phase of the chip all need to start the same image file.

芯片的一个启动阶段内可能包括多个子启动阶段,且有些镜像文件可能在多个子启动阶段中均需要进行启动,例如芯片的第一启动阶段中包括子启动阶段A和子启动阶段B,且子启动阶段A和子启动阶段B都需要启动镜像文件A,则在芯片生产阶段,将镜像文件A对应的密钥参数A存储到芯片的存储器中。在子启动阶段A,将第二寄存器写为0,切换第三寄存器作为输出寄存器,保持第四寄存器暂停。从芯片的存储器中读取镜像文件A对应的密钥参数A,并将密钥参数A写入第三寄存器,从而运算模块可以根据第一运算规则对密钥参数A和芯片参数进行运算,生成密钥A,处理模块可以根据密钥A对加密文件A进行解密,得到镜像文件A并启动镜像文件A。将第二寄存器写为非0值,切换第四寄存器作为输出寄存器。One startup phase of the chip may include multiple sub-boot phases, and some image files may need to be started in multiple sub-boot phases. For example, the first startup phase of the chip includes sub-boot phase A and sub-boot phase B, and the sub-boot phase Both stage A and sub-startup stage B need to start image file A, then during the chip production stage, the key parameter A corresponding to image file A is stored in the memory of the chip. In sub-start phase A, write the second register to 0, switch the third register as the output register, and keep the fourth register suspended. Read the key parameter A corresponding to the image file A from the memory of the chip, and write the key parameter A into the third register, so that the operation module can operate on the key parameter A and the chip parameter according to the first operation rule to generate Key A, the processing module can decrypt the encrypted file A according to the key A, obtain the image file A and start the image file A. Write a non-zero value to the second register and switch the fourth register as an output register.

同样的,在子启动阶段B,将第二寄存器写为0,切换第三寄存器作为输出寄存器,从芯片的存储器中读取镜像文件A对应的密钥参数A,并将密钥参数A写入第三寄存器,从而运算模块可以根据第一运算规则对密钥参数A和芯片参数进行运算,生成密钥A,处理模块可以根据密钥A对加密文件A进行解密,得到镜像文件A并启动镜像文件A。将第二寄存器写为非0值,切换第四寄存器作为输出寄存器。Similarly, in sub-startup phase B, write the second register as 0, switch the third register as the output register, read the key parameter A corresponding to the image file A from the memory of the chip, and write the key parameter A into The third register, so that the operation module can operate on the key parameter A and the chip parameter according to the first operation rule to generate the key A. The processing module can decrypt the encrypted file A according to the key A, obtain the image file A and start the image. Document A. Write a non-zero value to the second register and switch the fourth register as an output register.

本申请实施例一种可选的实施方式中,在运算模块接收到密钥参数生成模块发送的密钥参数之后,还可以根据不同的输出寄存器对接收到的密钥参数进行不同的处理。例如,可以预先设置当第三寄存器作为输出寄存器时,对第三寄存器输出的密钥参数进行第一处理,再将第一处理后的密钥参数与芯片标识进行运算得到密钥;以及预先设置当第四寄存器作为输出寄存器时,对第四寄存器输出的密钥参数进行第二处理,再将第二处理后的密钥参数与芯片标识进行运算得到密钥,其中,第一处理和第二处理可以为加扰处理或加密处理,且第一处理和第二处理不同,从而防止芯片启动过程中,被恶意配置第三寄存器为第四寄存器生成的值而导致的不安全问题,通过对不同的寄存器生成的密钥参数设定不同的处理,即使恶意配置第三寄存器为第四寄存器可以生成的某个密钥参数,也无法根据该密钥参数得到对应的密钥,进一步提高了芯片启动的安全性。In an optional implementation manner of the embodiment of this application, after the computing module receives the key parameters sent by the key parameter generation module, it can also perform different processing on the received key parameters according to different output registers. For example, it can be preset that when the third register is used as an output register, the key parameter output by the third register is first processed, and then the key parameter after the first processing is calculated with the chip identification to obtain the key; and preset When the fourth register is used as an output register, a second process is performed on the key parameter output by the fourth register, and then the key parameter after the second process is calculated with the chip identification to obtain the key, where the first process and the second The processing can be scrambling processing or encryption processing, and the first processing and the second processing are different, thereby preventing unsafe problems caused by maliciously configuring the third register to the value generated by the fourth register during the chip startup process. By processing different The key parameter settings generated by the register are processed differently. Even if the third register is maliciously configured as a key parameter that can be generated by the fourth register, the corresponding key cannot be obtained based on the key parameter, further improving the chip startup security.

需要说明的是,也可以只设置第三寄存器作为输出寄存器时,对第三寄存器输出的密钥参数进行的第一处理,或只设置第四寄存器作为输出寄存器时,对第四寄存器输出的密钥参数进行的第二处理,同样可以实现上述效果。It should be noted that, when only the third register is set as the output register, the first processing is performed on the key parameter output by the third register, or when only the fourth register is set as the output register, the key parameter output by the fourth register is processed. The second processing performed on the key parameter can also achieve the above effect.

基于同一发明构思,本申请实施例提供一种芯片安全启动方法。参见图5,该方法包括如下步骤:Based on the same inventive concept, embodiments of the present application provide a chip secure startup method. Referring to Figure 5, the method includes the following steps:

S501:生成第一启动阶段对应的第一密钥。S501: Generate the first key corresponding to the first startup phase.

其中,所述第一启动阶段为所述芯片多个启动阶段中的任一个启动阶段;所述第一密钥与第二启动阶段对应的密钥不同,所述第二启动阶段为所述多个启动阶段中的除所述第一启动阶段以外的一个启动阶段。Wherein, the first startup phase is any one of the multiple startup phases of the chip; the first key is different from the key corresponding to the second startup phase, and the second startup phase is the multiple startup phases. One startup phase other than the first startup phase among the startup phases.

S502:在所述第一启动阶段内,根据所述第一密钥对第一加密文件进行解密处理,得到第一镜像文件。S502: In the first startup phase, decrypt the first encrypted file according to the first key to obtain the first image file.

其中,所述第一加密文件是使用所述第一密钥进行加密的。Wherein, the first encrypted file is encrypted using the first key.

S503:启动所述第一镜像文件。S503: Start the first image file.

在一种可能的设计中,所述生成第一启动阶段对应的第一密钥,包括:确定所述第一启动阶段对应的第一密钥参数,所述第一密钥参数与所述第二启动阶段对应的密钥参数不同;根据所述第一密钥参数,生成所述第一密钥。In a possible design, generating a first key corresponding to the first startup phase includes: determining a first key parameter corresponding to the first startup phase, the first key parameter being the same as the first key parameter corresponding to the first startup phase. The key parameters corresponding to the two startup stages are different; the first key is generated according to the first key parameter.

在一个可能的设计中,所述根据所述第一密钥参数,生成所述第一密钥,包括:根据第一运算规则对所述第一密钥参数与所述芯片的芯片参数进行运算,得到所述第一密钥。In a possible design, generating the first key according to the first key parameter includes: performing an operation on the first key parameter and the chip parameter of the chip according to a first operation rule. , obtain the first key.

在一个可能的设计中,所述确定所述第一启动阶段对应的第一密钥参数,包括:当所述第一启动阶段为所述多个启动阶段中首个启动阶段时,根据预配置的初始值和第二运算规则生成所述第一密钥参数;或者当所述第一启动阶段为所述多个启动阶段中除首个启动阶段以外的启动阶段时,根据所述第一启动阶段的前一启动阶段对应的密钥参数和第三运算规则,生成所述第一密钥参数。In one possible design, determining the first key parameter corresponding to the first startup phase includes: when the first startup phase is the first startup phase among the multiple startup phases, according to the preconfiguration The initial value and the second operation rule generate the first key parameter; or when the first startup phase is a startup phase other than the first startup phase among the multiple startup phases, according to the first startup phase The first key parameters are generated using the key parameters corresponding to the previous startup stage and the third operation rule.

在一个可能的设计中,所述芯片参数包括以下内容中的至少一项:用于指示所述芯片使用周期的生命周期;用于指示所述芯片生产厂家的公钥哈希值;所述芯片的应用厂家标识;所述芯片的应用设备标识;所述芯片包含的寄存器的标识。In a possible design, the chip parameters include at least one of the following: a life cycle used to indicate the use cycle of the chip; a public key hash value used to indicate the chip manufacturer; the chip The application manufacturer identification; the application equipment identification of the chip; and the identification of the registers contained in the chip.

在一个可能的设计中,在启动所述第一镜像文件之后,所述方法还包括:将所述第一密钥处理为无效密钥;In a possible design, after starting the first image file, the method further includes: processing the first key as an invalid key;

在所述多个启动阶段结束后,所述方法还包括:在所述第一启动阶段需要重新启动时,根据预配置的目标密钥参数重新确定所述第一启动阶段对应的所述第一密钥;根据所述第一密钥对所述第一加密文件进行解密处理,得到所述第一镜像文件;重新启动所述第一镜像文件。After the multiple startup phases are completed, the method further includes: when the first startup phase needs to be restarted, re-determine the first key corresponding to the first startup phase according to the preconfigured target key parameters. Key; decrypt the first encrypted file according to the first key to obtain the first image file; restart the first image file.

此外,图5所示方法中的其他实现方式还可参见上述图2至图4中的相关描述,此处不再赘述。In addition, other implementation methods in the method shown in Figure 5 can also refer to the relevant descriptions in Figures 2 to 4 above, and will not be described again here.

本申请实施例中所描述的方法或算法的步骤可以直接嵌入硬件、处理器执行的软件单元、或者这两者的结合。软件单元可以存储于RAM存储器、闪存、ROM存储器、EPROM存储器、EEPROM存储器、寄存器、硬盘、可移动磁盘、CD-ROM或本领域中其它任意形式的存储媒介中。示例性地,存储媒介可以与处理器连接,以使得处理器可以从存储媒介中读取信息,并可以向存储媒介存写信息。可选地,存储媒介还可以集成到处理器中。 处理器和存储媒介可以设置于ASIC中,ASIC可以设置于终端设备中。可选地,处理器和存储媒介也可以设置于终端设备中的不同的部件中。The steps of the method or algorithm described in the embodiments of this application can be directly embedded in hardware, a software unit executed by a processor, or a combination of the two. The software unit may be stored in RAM memory, flash memory, ROM memory, EPROM memory, EEPROM memory, register, hard disk, removable disk, CD-ROM or any other form of storage medium in the art. For example, the storage medium can be connected to the processor, so that the processor can read information from the storage medium and can store and write information to the storage medium. Optionally, the storage medium can also be integrated into the processor. The processor and the storage medium can be installed in the ASIC, and the ASIC can be installed in the terminal device. Optionally, the processor and the storage medium may also be provided in different components in the terminal device.

这些计算机程序指令也可装载到计算机或其他可编程数据处理设备上,使得在计算机或其他可编程设备上执行一系列操作步骤以产生计算机实现的处理,从而在计算机或其他可编程设备上执行的指令提供用于实现在流程图一个流程或多个流程和/或方框图一个方框或多个方框中指定的功能的步骤。These computer program instructions may also be loaded onto a computer or other programmable data processing device, causing a series of operating steps to be performed on the computer or other programmable device to produce computer-implemented processing, thereby executing on the computer or other programmable device. Instructions provide steps for implementing the functions specified in a process or processes of a flowchart diagram and/or a block or blocks of a block diagram.

尽管结合具体特征及其实施例对本申请进行了描述,显而易见的,在不脱离本申请的精神和范围的情况下,可对其进行各种修改和组合。相应地,本说明书和附图仅仅是所附权利要求所界定的本申请的示例性说明,且视为已覆盖本申请范围内的任意和所有修改、变化、组合或等同物。显然,本领域的技术人员可以对本申请进行各种改动和变型而不脱离本申请的精神和范围。这样,倘若本申请的这些修改和变型属于本申请权利要求及其等同技术的范围之内,则本申请也意图包括这些改动和变型在内。Although the present application has been described in conjunction with specific features and embodiments thereof, it will be apparent that various modifications and combinations may be made without departing from the spirit and scope of the application. Accordingly, the specification and drawings are intended to be merely illustrative of the application as defined by the appended claims and are to be construed to cover any and all modifications, variations, combinations or equivalents within the scope of the application. Obviously, those skilled in the art can make various changes and modifications to the present application without departing from the spirit and scope of the present application. In this way, if these modifications and variations of the present application fall within the scope of the claims of the present application and its equivalent technology, the present application is also intended to include these modifications and variations.

Claims (14)

  1. A chip, characterized in that the chip comprises a key generation module and a processing module;
    the key generation module is used for generating a first key corresponding to the first starting stage; wherein the first starting stage is any one of a plurality of starting stages of the chip; the first key is different from a key corresponding to a second starting stage, and the second starting stage is one starting stage except the first starting stage in the plurality of starting stages;
    the processing module is used for decrypting the first encrypted file according to the first key in the first starting stage to obtain a first image file; starting the first mirror image file; wherein the first encrypted file is encrypted using the first key.
  2. The chip of claim 1, wherein the key generation module is specifically configured to:
    determining a first key parameter corresponding to the first starting stage, wherein the first key parameter is different from the key parameter corresponding to the second starting stage;
    and generating the first key according to the first key parameter.
  3. The chip of claim 2, wherein the key generation module is specifically configured to:
    And operating the first key parameter and the chip parameter of the chip according to a first operation rule to obtain the first key.
  4. A chip as claimed in claim 2 or 3, wherein the key generation module is specifically configured to:
    when the first starting stage is the first starting stage of the plurality of starting stages, generating the first key parameter according to a preset initial value and a second operation rule; or alternatively
    And when the first starting stage is a starting stage except for the first starting stage in the plurality of starting stages, generating the first key parameter according to the key parameter and a third operation rule corresponding to the previous starting stage of the first starting stage.
  5. The chip of any one of claims 2 to 4, wherein the chip parameters include at least one of:
    a lifecycle for indicating a usage period of the chip;
    the public key hash value is used for indicating the chip manufacturer;
    the application manufacturer of the chip is identified;
    an application device identifier of the chip;
    register identification of registers contained in the chip.
  6. The chip of any one of claims 1 to 5, wherein the processing module is further to:
    Processing the first key as an invalid key after the first image file is started;
    the key generation module is further configured to:
    after the starting phases are finished, when the first starting phase needs to be restarted, the first key corresponding to the first starting phase is redetermined according to a preset target key parameter;
    the processing module is further configured to:
    decrypting the first encrypted file according to the first key to obtain the first image file; restarting the first image file.
  7. A chip security starting method applied to a chip, the method comprising:
    generating a first key corresponding to the first starting stage; the first starting stage is any one of a plurality of starting stages of the chip; the first key is different from a key corresponding to a second starting stage, and the second starting stage is one starting stage except the first starting stage in the plurality of starting stages;
    in the first starting stage, decrypting the first encrypted file according to the first key to obtain a first mirror image file; starting the first mirror image file; wherein the first encrypted file is encrypted using the first key.
  8. The method of claim 7, wherein the generating the first key corresponding to the first startup phase comprises:
    determining a first key parameter corresponding to the first starting stage, wherein the first key parameter is different from the key parameter corresponding to the second starting stage;
    and generating the first key according to the first key parameter.
  9. The method of claim 8, wherein the generating the first key from the first key parameter comprises:
    and operating the first key parameter and the chip parameter of the chip according to a first operation rule to obtain the first key.
  10. The method according to claim 8 or 9, wherein said determining a first key parameter corresponding to the first start-up phase comprises:
    when the first starting stage is the first starting stage of the plurality of starting stages, generating the first key parameter according to a preset initial value and a second operation rule; or alternatively
    And when the first starting stage is a starting stage except for the first starting stage in the plurality of starting stages, generating the first key parameter according to the key parameter and a third operation rule corresponding to the previous starting stage of the first starting stage.
  11. The method of any of claims 8 to 10, wherein the chip parameters include at least one of:
    a lifecycle for indicating a usage period of the chip;
    the public key hash value is used for indicating the chip manufacturer;
    the application manufacturer of the chip is identified;
    an application device identifier of the chip;
    the chip contains an identification of the register.
  12. The method of any one of claims 7 to 11, wherein after the first image file is started, the method further comprises:
    processing the first key as an invalid key;
    after the plurality of start-up phases are over, the method further comprises:
    when the first starting stage needs to be restarted, the first key corresponding to the first starting stage is redetermined according to a preconfigured target key parameter;
    decrypting the first encrypted file according to the first key to obtain the first image file; restarting the first image file.
  13. A computer readable storage medium comprising instructions which, when run on a computer, cause the computer to perform the method of any of claims 7 to 12.
  14. A computer program product, characterized in that it, when run on a computer, causes the computer to perform the method of any of claims 7 to 12.
CN202180099358.2A 2021-06-16 2021-06-16 A chip safe startup method and chip Pending CN117480503A (en)

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CN2021/100403 WO2022261865A1 (en) 2021-06-16 2021-06-16 Chip secure starting method, and chip

Publications (1)

Publication Number Publication Date
CN117480503A true CN117480503A (en) 2024-01-30

Family

ID=84526823

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202180099358.2A Pending CN117480503A (en) 2021-06-16 2021-06-16 A chip safe startup method and chip

Country Status (2)

Country Link
CN (1) CN117480503A (en)
WO (1) WO2022261865A1 (en)

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8254568B2 (en) * 2007-01-07 2012-08-28 Apple Inc. Secure booting a computing device
CN106934289A (en) * 2015-12-30 2017-07-07 北京展讯高科通信技术有限公司 Verification and the method for forming signature image
KR101782378B1 (en) * 2016-11-03 2017-09-27 시큐리티플랫폼 주식회사 Method for secure boot using signed public key
KR102558901B1 (en) * 2018-09-19 2023-07-25 에스케이하이닉스 주식회사 Memory system and operation method thereof

Also Published As

Publication number Publication date
WO2022261865A1 (en) 2022-12-22

Similar Documents

Publication Publication Date Title
US8214632B2 (en) Method of booting electronic device and method of authenticating boot of electronic device
KR101393307B1 (en) Secure boot method and semiconductor memory system for using the method
CN111832013A (en) Firmware upgrade method and device
US20150046717A1 (en) Semiconductor apparatus
EP4348468B1 (en) Firmware-based secure tenancy transfer
CN103765429B (en) Platform Secrets Related to Digital Signature Authority
JP5796447B2 (en) Information processing apparatus, validity verification method, validity verification program
TW200941278A (en) Secure update of boot image without knowledge of secure key
CN109445705B (en) Firmware authentication method and solid state disk
CN109814934B (en) Data processing method, device, readable medium and system
CN113177201A (en) Program checking and signing method and device and SOC chip
US12373518B2 (en) Managing ownership of an electronic device
CN114003915A (en) Chip-based secure startup method and device
CN105847011A (en) Key loading method and device
KR20230082388A (en) Apparatus for verifying bootloader of ecu and method thereof
US12216762B2 (en) Firmware verification system and firmware verification method
US7624442B2 (en) Memory security device for flexible software environment
CN114547618B (en) Safe starting method and device based on Linux system, electronic equipment and storage medium
CN109460262B (en) Method, system, android device and medium for verifying validity of main system image
CN118586000A (en) Vehicle system safe starting method, system, device, medium and vehicle
WO2014138060A1 (en) Prime number generation
CN119150369A (en) System on chip and method of operating a system on chip
CN117480503A (en) A chip safe startup method and chip
CN117193863B (en) Method, device, system and processor for starting host bootstrap program
JP7341376B2 (en) Information processing device, information processing method, and information processing program

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载