CN212302479U - encryption device - Google Patents
encryption device Download PDFInfo
- Publication number
- CN212302479U CN212302479U CN202020746793.2U CN202020746793U CN212302479U CN 212302479 U CN212302479 U CN 212302479U CN 202020746793 U CN202020746793 U CN 202020746793U CN 212302479 U CN212302479 U CN 212302479U
- Authority
- CN
- China
- Prior art keywords
- data
- processed
- encryption
- hard
- transmitting
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000012545 processing Methods 0.000 claims abstract description 15
- 238000000034 method Methods 0.000 description 10
- 230000008569 process Effects 0.000 description 9
- 230000006870 function Effects 0.000 description 8
- 230000002452 interceptive effect Effects 0.000 description 4
- 238000011161 development Methods 0.000 description 3
- 230000008571 general function Effects 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 238000010586 diagram Methods 0.000 description 2
- 238000012986 modification Methods 0.000 description 2
- 230000004048 modification Effects 0.000 description 2
- 230000008859 change Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 230000007717 exclusion Effects 0.000 description 1
- 230000008676 import Effects 0.000 description 1
- 210000001503 joint Anatomy 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 230000002035 prolonged effect Effects 0.000 description 1
- 230000004044 response Effects 0.000 description 1
- 238000004904 shortening Methods 0.000 description 1
- 238000012795 verification Methods 0.000 description 1
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The utility model discloses an encryption device, include: the USB universal interface is used for being connected with external terminal equipment, receiving data to be processed sent by the external terminal equipment, or transmitting the processed data to the external terminal equipment, wherein the processing is encryption or decryption; one or more hard encryption chips, which are used for encrypting or decrypting the received data to be processed; and the processor is respectively connected with the USB general interface and one or more hard encryption chips and is used for receiving the data to be processed, transmitting the data to be processed to the hard encryption chip matched with the corresponding relation according to the preset corresponding relation, and transmitting the processed data to the USB general interface. The utility model provides an encryption device can realize under the condition of not PCB redesign that the hardware is encrypted, the cost is reduced.
Description
Technical Field
The utility model relates to a terminal encryption especially relates to an encryption device.
Background
Currently, the security requirements of users for devices are increasing.
In the prior art, when equipment security upgrading needs to be performed on a terminal without a security function, a software upgrading mode that upgrading is performed remotely without replacing hardware equipment can be generally adopted, but the security level is low, and the software upgrading mode is not generally widely adopted for scenes with high security requirements.
In a scene with higher security requirement, a hardware encryption mode is required. Although security can be guaranteed, the hardware encryption mode needs to add a hardware encryption chip to the device. And for the general function of most equipment, external hardware interfaces such as internet access, serial ports and power supplies, software aspects such as data processing and the like are the same before and after the hardware encryption chip is added, and the hardware encryption chip does not need to be replaced. In order to improve the security, a hardware encryption chip needs to be added to increase the encryption and decryption functions.
The inventor of the application finds that when the terminal without the safety function needs the safety function, if the terminal is in a hardware encryption mode, only the whole PCB needs to be redesigned, so that other general functions need to be manufactured again even if the other general functions are not changed, and the problems that the original equipment is scrapped, the whole equipment is replaced, the investment cost is high, the replacement labor cost is high and the like are caused.
The information disclosed in this background section is only for enhancement of understanding of the general background of the invention and should not be taken as an acknowledgement or any form of suggestion that this information constitutes prior art already known to a person skilled in the art.
SUMMERY OF THE UTILITY MODEL
An object of the utility model is to provide an encryption device, it can realize under the condition that need not redesign PCB that the hardware is encrypted, the cost is reduced.
In order to achieve the above object, the present invention provides an encryption device, including: the USB universal interface is used for being connected with external terminal equipment, receiving data to be processed sent by the external terminal equipment, or transmitting the processed data to the external terminal equipment, wherein the processing is encryption or decryption; one or more hard encryption chips, which are used for encrypting or decrypting the received data to be processed; the processor is respectively connected with the USB universal interface and one or more hard encryption chips and is used for receiving the data to be processed, transmitting the data to be processed to the hard encryption chip matched with the corresponding relation according to the preset corresponding relation and transmitting the processed data to the USB universal interface; the processor stores a plurality of preset corresponding relations, wherein the corresponding relations are corresponding relations between services corresponding to data to be processed and the hard encryption chips.
In a preferred embodiment, the processor receives the data to be processed of the first service and the data to be processed of the second service at the same time; the processor transmits the data to be processed of the first service to a hard encryption chip matched with the corresponding relation so as to encrypt/decrypt the data, and transmits the data to be processed of the second service to the hard encryption chip matched with the corresponding relation so as to encrypt/decrypt the data; then, transmitting the processed data corresponding to the first service through a USB universal interface; and transmitting the processed data corresponding to the second service through the USB universal interface.
In a preferred embodiment, the hard encryption chip may include one or more of the secrets SM1, SM2, SM3, SM 4.
Compared with the prior art, according to the utility model discloses an encryption device, when the terminal equipment who does not have encryption function need realize the encryption and decryption function of hardware, through using this encryption device of USB general interface connection, can realize that the hardware is encrypted, need not to redesign PCB, and the cost is reduced is convenient for more use.
Drawings
Fig. 1 is a schematic structural diagram of an encryption device according to an embodiment of the present invention.
Detailed Description
The following detailed description of the present invention is provided in conjunction with the accompanying drawings, but it should be understood that the scope of the present invention is not limited by the following detailed description.
Throughout the specification and claims, unless explicitly stated otherwise, the word "comprise", or variations such as "comprises" or "comprising", will be understood to imply the inclusion of a stated element or component but not the exclusion of any other element or component.
As shown in fig. 1, it is a schematic structural diagram of an encryption device according to a preferred embodiment of the present invention, including: a USB generic interface 1, a processor 2 and one or more hard cryptographic chips 3.
The USB universal interface 1 is used for connecting with an external terminal device, receiving data to be processed sent by the external terminal device, or transmitting processed data to the external terminal device, where the processing is encryption or decryption.
The processor 2 is respectively connected with the USB universal interface 1 and one or more hard encryption chips, and is used for receiving the data to be processed, transmitting the data to be processed to the hard encryption chip matched with the corresponding relation according to the preset corresponding relation, and transmitting the processed data to the USB universal interface 1; the processor stores a plurality of preset corresponding relations, wherein the corresponding relations are corresponding relations between services corresponding to data to be processed and the hard encryption chips.
One or more hard encryption chips 3 are used for encrypting or decrypting the received data to be processed.
Specifically, the hard encryption chip can be one or more of the national passwords SM1, SM2, SM3 and SM 4. Further, the hard encryption chip may also be other encryption algorithms, such as SM7, etc. The processor 2 is reserved with a plurality of interfaces with the hard encryption chip, and the hard encryption chip of the corresponding algorithm can be added according to the requirements of users. Different hard encryption chips correspond to different hard encryption algorithms and are used for different interaction flow requirements, namely different business requirements. When the method is applied to different application scenes, corresponding interaction processes can be matched, and hard algorithms are used, so that different applications can be guaranteed to use high-level security levels.
In this embodiment, for different external terminal devices, the device can be directly applied only by downloading a corresponding protocol, such as a standard CCID protocol, and the generalization is high. Excessive additional development is not needed, and the labor cost can be greatly saved.
Therefore, when the terminal equipment without the encryption function needs to realize the encryption and decryption functions of hardware, the encryption device is connected by using the USB universal interface, the hardware encryption can be realized, the redesign of a PCB is not needed, the cost is reduced, and the application is more convenient.
Furthermore, hardware encryption chips of different encryption algorithms required by customers can be flexibly configured on the module according to the level of the safety level requirements of the customers, and the requirements of the customer equipment on different encryption levels of data with different safety levels can be met by selecting one or more algorithms from SM1 to SM 4. Because the algorithm is realized by adopting various hardware encryption chips, a hard encryption mode is adopted in encryption, the security exceeds a soft encryption mode, meanwhile, a customer does not need to modify equipment hardware, the encryption algorithm can be flexibly added to original equipment, the customer software does not need to develop a driving program for the corresponding encryption chip, and the data encryption and decryption process can be realized by only transmitting the data into the module according to a protocol.
In one implementation, the processor receives data to be processed of a first service and data to be processed of a second service at the same time;
the processor transmits the data to be processed of the first service to a hard encryption chip matched with the corresponding relation so as to encrypt/decrypt the data, and transmits the data to be processed of the second service to the hard encryption chip matched with the corresponding relation so as to encrypt/decrypt the data; then, transmitting the processed data corresponding to the first service through the USB universal interface 1; and transmitting the processed data corresponding to the second service through the USB general interface 1.
The following examples are given. Each interactive flow of the service can comprise a plurality of links such as identity authentication, certificate import, signature verification and the like, and each link of the interactive flow can be intelligently crossed when the interactive flow is processed. For example, in the process of waiting for the hard encryption chip to calculate in the previous link, the next link is arranged to be calculated by another idle different hard encryption algorithm, so as to realize the overall arrangement of each link of the interaction flow.
For example, in a conventional situation, the terminal needs to perform two services, i.e., a service a and a service B, in a linear manner, which may cause the situation that the real-time performance of the two services is not enough. When the interactive flow mode is adopted, the terminal sends A, B two service requirements to the device in sequence according to the protocol format. The CPU distributes the service identity authentication data A to an encryption chip 1 for processing through protocol analysis; receiving the data of the next service B sent by the terminal in the waiting idle state which is not processed by the encryption chip 1, and sending the data to the encryption chip 2 for processing; in the idle waiting for the data return of the encryption chip 2, the information … … processed and processed by the encryption chip 1 is received and processed, and so on, and the waiting time of the encryption chip in processing the data is reasonably utilized to process another business process, thereby greatly shortening the business processing time.
Therefore, the utility model discloses a mode that the alternately process of intelligence was handled, intelligence is arranged, a plurality of processes of cross treatment to promote the processing speed and the efficiency of whole flow greatly. And in the time of waiting for the chip to finish the processing response in the first process, the link of the other process is sent to the other processing chip, and the processing of other links is inserted into the waiting time of the chip, so that the original multiple waiting time is greatly reduced on the whole. Compared with the prior art that each task is executed after the processing is finished, the processing time is prolonged.
The encryption device provided by the embodiment also has the following advantages: for client equipment, only one basic product needs to be developed, a standard interface for butt joint is reserved, only the encryption device needs to be inserted into the corresponding interface, hardware does not need to be modified and reproduced, software does not need to be developed by a bottom driver, data only needs to be received and transmitted according to a protocol, when algorithm application needs to be changed, a CPU is informed according to a communication protocol to change the corresponding relation between a service and a hard encryption chip, software and hardware development does not need to be carried out again, and development and maintenance cost of the software and hardware is greatly reduced.
The foregoing descriptions of specific exemplary embodiments of the present invention have been presented for purposes of illustration and description. It is not intended to limit the invention to the precise form disclosed, and obviously many modifications and variations are possible in light of the above teaching. The exemplary embodiments were chosen and described in order to explain certain principles of the invention and its practical application to enable one skilled in the art to make and use various exemplary embodiments of the invention and various alternatives and modifications as are suited to the particular use contemplated. It is intended that the scope of the invention be defined by the claims and their equivalents.
Claims (3)
1. An encryption apparatus, comprising:
the USB universal interface is used for being connected with external terminal equipment, receiving data to be processed sent by the external terminal equipment, or transmitting the processed data to the external terminal equipment, wherein the processing is encryption or decryption;
one or more hard encryption chips, which are used for encrypting or decrypting the received data to be processed;
the processor is respectively connected with the USB universal interface and one or more hard encryption chips and is used for receiving the data to be processed, transmitting the data to be processed to the hard encryption chip matched with the corresponding relation according to the preset corresponding relation and transmitting the processed data to the USB universal interface;
the processor stores a plurality of preset corresponding relations, wherein the corresponding relations are corresponding relations between services corresponding to data to be processed and the hard encryption chips.
2. The encryption apparatus of claim 1, wherein said processor receives the data to be processed for the first service and the data to be processed for the second service simultaneously;
the processor transmits the data to be processed of the first service to a hard encryption chip matched with the corresponding relation so as to encrypt/decrypt the data, and transmits the data to be processed of the second service to the hard encryption chip matched with the corresponding relation so as to encrypt/decrypt the data; then, transmitting the processed data corresponding to the first service through the USB universal interface; and transmitting the processed data corresponding to the second service through the USB universal interface.
3. The encryption apparatus of claim 1, wherein the hard encryption chip may include one or more of a cryptographic SM1, SM2, SM3, SM 4.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202020746793.2U CN212302479U (en) | 2020-05-08 | 2020-05-08 | encryption device |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN202020746793.2U CN212302479U (en) | 2020-05-08 | 2020-05-08 | encryption device |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN212302479U true CN212302479U (en) | 2021-01-05 |
Family
ID=73966176
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN202020746793.2U Active CN212302479U (en) | 2020-05-08 | 2020-05-08 | encryption device |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN212302479U (en) |
Cited By (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112422392A (en) * | 2021-01-25 | 2021-02-26 | 武汉格罗夫氢能汽车有限公司 | Whole-vehicle network system of hydrogen energy automobile |
| CN115348045A (en) * | 2021-05-13 | 2022-11-15 | 北京小米移动软件有限公司 | Data transmission method, data transmission device and storage medium |
-
2020
- 2020-05-08 CN CN202020746793.2U patent/CN212302479U/en active Active
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN112422392A (en) * | 2021-01-25 | 2021-02-26 | 武汉格罗夫氢能汽车有限公司 | Whole-vehicle network system of hydrogen energy automobile |
| CN112422392B (en) * | 2021-01-25 | 2021-07-02 | 武汉格罗夫氢能汽车有限公司 | Whole-vehicle network system of hydrogen energy automobile |
| CN115348045A (en) * | 2021-05-13 | 2022-11-15 | 北京小米移动软件有限公司 | Data transmission method, data transmission device and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110493261B (en) | Verification code obtaining method based on block chain, client, server and storage medium | |
| EP3535683B1 (en) | Data encryption control using multiple controlling authorities | |
| CN103546289A (en) | USB (universal serial bus) Key based secure data transmission method and system | |
| CN111131416A (en) | Business service providing method and device, storage medium and electronic device | |
| CN212302479U (en) | encryption device | |
| CN115208697A (en) | Adaptive data encryption method and device based on attack behavior | |
| CN112511295B (en) | Authentication method and device for interface calling, micro-service application and key management center | |
| WO2017006118A1 (en) | Secure distributed encryption system and method | |
| CN116170157A (en) | User password encryption and decryption method and device based on national encryption algorithm | |
| CN111368322B (en) | File decryption method and device, electronic equipment and storage medium | |
| CN107155184B (en) | WIFI module with secure encryption chip and communication method thereof | |
| CN106533677A (en) | User login method, user terminal and server | |
| CN114726597B (en) | Data transmission method, device, system and storage medium | |
| CN110198320B (en) | Encrypted information transmission method and system | |
| US12182246B2 (en) | Security chip-based security authentication method and system, security chip, and readable storage medium | |
| CN111901335B (en) | Block chain data transmission management method and system based on middle station | |
| CN109005187A (en) | A kind of communication information guard method and device | |
| CN113434837A (en) | Method and device for equipment identity authentication and smart home system | |
| CN103701589A (en) | Information transmission method and device based on virtual desktop system and relevant equipment | |
| CN112187767A (en) | Multi-party contract consensus system, method and medium based on block chain | |
| CN105072136A (en) | Method and system for security authentication between devices based on virtual drive | |
| CN113434845B (en) | Business handling method and device, electronic equipment and computer readable storage medium | |
| CN112202552B (en) | Method, device, medium and electronic equipment for monitoring quality of block chain data | |
| CN116095671A (en) | Resource sharing method based on meta universe and related equipment thereof | |
| CN114036546A (en) | Identity verification method and device based on mobile phone number, computer equipment and medium |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| GR01 | Patent grant | ||
| GR01 | Patent grant |