基于CPK体制的安全U盘的设计和实现

发布时间：2018-04-13 08:23

本文选题：CPK + 安全U盘　；参考：《北京交通大学》2013年硕士论文

【摘要】：近年来,USB flash disk(简称U盘)因其存储容量大、便携性强、生产成本低等优点,越来越多的受到人们的青睐。但是随着黑客技术的发展和泛滥,信息安全问题也日益严重,人们对数据安全越来越重视。特别是对于数据安全比较敏感的行业,普通U盘已经无法满足需求。在加密算法没有有效破解方法(暴力破解除外)的情况下,存储在U盘中密态数据的安全,主要取决于密钥的安全。然而,目前已有安全U盘的产品和研究中,主要都是针对数据存储的安全,却很少有针对密钥安全和密钥管理的研究。具有我国自主知识产权的CPK(组合公钥体制),因其在标识认证和密钥管理方面独特的优势,近年来备受青睐。本文将利用其在标识认证和密钥交换方面的优势,设计一款安全性高、使用便捷的安全U盘。这款安全U盘采用HS32U2-EU安全芯片为主控芯片,具有安全性高、加解密速度快、操作便捷等特点。而且其不同于普通U盘所有数据共用一个密钥的是,其根目录下可以存储500个不同密钥的文件或文件夹(文件夹内所有数据公用一个密钥),这样就算U盘内某个文件被破解,里面其他数据还是安全的。而且其密钥不需要人工记忆,全部交给智能卡来管理和交互。另外,当你想要给Bob拷贝一个机密文件,却又不想Bob查看你U盘内其它文件时,你可以指定Bob的标识来对这个文件进行加密。这样,只有Bob有权对这个文件进行操作。本文的主要工作有以下几个部分： 1.介绍了本文的研究背景、目的和意义,介绍了安全U盘的国内外现状,并对各种方案的优缺点进行了比较； 2.介绍了CPK技术的背景知识,对于CPK的关键技术ECC(椭圆曲线密码学)和组合公钥做了较为详细的描述。还对常用的几种认证体制进行了分析和比较。 3.对安全U盘的架构和固件系统做了详细的分析和设计,用对应的开发工具开发了U盘的固件程序以及客户端程序。 4.最后对安全U盘的各项指标和性能进行了测试和分析。
[Abstract]:In recent years, USB disk (U disk) is more and more popular because of its large storage capacity, high portability and low production cost.However, with the development and spread of hacker technology, the problem of information security is becoming more and more serious, people pay more and more attention to data security.Especially for the data security sensitive industry, the ordinary U-disk can not meet the demand.When the encryption algorithm has no effective cracking method (except for brute force cracking), the security of the secret data stored in the U disk mainly depends on the security of the key.However, the existing products and researches of secure U disk are mainly focused on the security of data storage, but there are few researches on key security and key management.CPK (combined Public key system), which has its own intellectual property rights in China, has attracted much attention in recent years because of its unique advantages in identity authentication and key management.In this paper, we will use its advantages in identity authentication and key exchange to design a secure U disk with high security and convenient use.The security U disk uses HS32U2-EU security chip as the main control chip, with high security, fast encryption and decryption speed, convenient operation and so on.And what's different from the fact that all data on a USB drive share a key is that the root directory can store 500 files or folders with different keys (all the data in the folder share a key), so that even if a file in the U disk is cracked,The rest of the data is safe.And its key does not need manual memory, all handed over to the smart card to manage and interact.In addition, when you want to copy a secret file to Bob and do not want Bob to view other files in your U disk, you can specify the Bob ID to encrypt the file.Thus, only Bob has the right to operate on this file.The main work of this paper is as follows:1.This paper introduces the research background, purpose and significance of this paper, introduces the current situation of safe U disk at home and abroad, and compares the advantages and disadvantages of various schemes.2.This paper introduces the background of CPK technology, and describes the key technology of CPK (ECC) and combined public key in detail.Several commonly used authentication systems are also analyzed and compared.3.The structure and firmware system of the secure U disk are analyzed and designed in detail. The firmware program and the client program are developed with the corresponding development tools.4.Finally, the index and performance of the safe U disk are tested and analyzed.
【学位授予单位】：北京交通大学
【学位级别】：硕士
【学位授予年份】：2013
【分类号】：TP309

【参考文献】