本文選題：CPK + 安全U盤��； 參考：《北京交通大學(xué)》2013年碩士論文

【摘要】：近年來,USB flash disk(簡(jiǎn)稱U盤)因其存儲(chǔ)容量大、便攜性強(qiáng)、生產(chǎn)成本低等優(yōu)點(diǎn),越來越多的受到人們的青睞。但是隨著黑客技術(shù)的發(fā)展和泛濫,信息安全問題也日益嚴(yán)重,人們對(duì)數(shù)據(jù)安全越來越重視。特別是對(duì)于數(shù)據(jù)安全比較敏感的行業(yè),普通U盤已經(jīng)無法滿足需求。 在加密算法沒有有效破解方法(暴力破解除外)的情況下,存儲(chǔ)在U盤中密態(tài)數(shù)據(jù)的安全,主要取決于密鑰的安全。然而,目前已有安全U盤的產(chǎn)品和研究中,主要都是針對(duì)數(shù)據(jù)存儲(chǔ)的安全,卻很少有針對(duì)密鑰安全和密鑰管理的研究。 具有我國(guó)自主知識(shí)產(chǎn)權(quán)的CPK(組合公鑰體制),因其在標(biāo)識(shí)認(rèn)證和密鑰管理方面獨(dú)特的優(yōu)勢(shì),近年來備受青睞。本文將利用其在標(biāo)識(shí)認(rèn)證和密鑰交換方面的優(yōu)勢(shì),設(shè)計(jì)一款安全性高、使用便捷的安全U盤。 這款安全U盤采用HS32U2-EU安全芯片為主控芯片,具有安全性高、加解密速度快、操作便捷等特點(diǎn)。而且其不同于普通U盤所有數(shù)據(jù)共用一個(gè)密鑰的是,其根目錄下可以存儲(chǔ)500個(gè)不同密鑰的文件或文件夾(文件夾內(nèi)所有數(shù)據(jù)公用一個(gè)密鑰),這樣就算U盤內(nèi)某個(gè)文件被破解,里面其他數(shù)據(jù)還是安全的。而且其密鑰不需要人工記憶,全部交給智能卡來管理和交互。另外,當(dāng)你想要給Bob拷貝一個(gè)機(jī)密文件,卻又不想Bob查看你U盤內(nèi)其它文件時(shí),你可以指定Bob的標(biāo)識(shí)來對(duì)這個(gè)文件進(jìn)行加密。這樣,只有Bob有權(quán)對(duì)這個(gè)文件進(jìn)行操作。 本文的主要工作有以下幾個(gè)部分： 1.介紹了本文的研究背景、目的和意義,介紹了安全U盤的國(guó)內(nèi)外現(xiàn)狀,并對(duì)各種方案的優(yōu)缺點(diǎn)進(jìn)行了比較； 2.介紹了CPK技術(shù)的背景知識(shí),對(duì)于CPK的關(guān)鍵技術(shù)ECC(橢圓曲線密碼學(xué))和組合公鑰做了較為詳細(xì)的描述。還對(duì)常用的幾種認(rèn)證體制進(jìn)行了分析和比較。 3.對(duì)安全U盤的架構(gòu)和固件系統(tǒng)做了詳細(xì)的分析和設(shè)計(jì),用對(duì)應(yīng)的開發(fā)工具開發(fā)了U盤的固件程序以及客戶端程序。 4.最后對(duì)安全U盤的各項(xiàng)指標(biāo)和性能進(jìn)行了測(cè)試和分析。
[Abstract]:In recent years, USB disk (U disk) is more and more popular because of its large storage capacity, high portability and low production cost.However, with the development and spread of hacker technology, the problem of information security is becoming more and more serious, people pay more and more attention to data security.Especially for the data security sensitive industry, the ordinary U-disk can not meet the demand.When the encryption algorithm has no effective cracking method (except for brute force cracking), the security of the secret data stored in the U disk mainly depends on the security of the key.However, the existing products and researches of secure U disk are mainly focused on the security of data storage, but there are few researches on key security and key management.CPK (combined Public key system), which has its own intellectual property rights in China, has attracted much attention in recent years because of its unique advantages in identity authentication and key management.In this paper, we will use its advantages in identity authentication and key exchange to design a secure U disk with high security and convenient use.The security U disk uses HS32U2-EU security chip as the main control chip, with high security, fast encryption and decryption speed, convenient operation and so on.And what's different from the fact that all data on a USB drive share a key is that the root directory can store 500 files or folders with different keys (all the data in the folder share a key), so that even if a file in the U disk is cracked,The rest of the data is safe.And its key does not need manual memory, all handed over to the smart card to manage and interact.In addition, when you want to copy a secret file to Bob and do not want Bob to view other files in your U disk, you can specify the Bob ID to encrypt the file.Thus, only Bob has the right to operate on this file.The main work of this paper is as follows:1.This paper introduces the research background, purpose and significance of this paper, introduces the current situation of safe U disk at home and abroad, and compares the advantages and disadvantages of various schemes.2.This paper introduces the background of CPK technology, and describes the key technology of CPK (ECC) and combined public key in detail.Several commonly used authentication systems are also analyzed and compared.3.The structure and firmware system of the secure U disk are analyzed and designed in detail. The firmware program and the client program are developed with the corresponding development tools.4.Finally, the index and performance of the safe U disk are tested and analyzed.
【學(xué)位授予單位】：北京交通大學(xué)
【學(xué)位級(jí)別】：碩士
【學(xué)位授予年份】：2013
【分類號(hào)】：TP309

【參考文獻(xiàn)】

相關(guān)期刊論文 前10條

1 陳峰,尹寒;CPU卡的接口特性、傳輸協(xié)議與讀寫程序設(shè)計(jì)[J];單片機(jī)與嵌入式系統(tǒng)應(yīng)用;2002年03期

2 鐘旭;洪澤勤;;IBE和CPK的對(duì)比分析[J];計(jì)算機(jī)安全;2006年06期

3 ;組合公鑰(CPK)體制標(biāo)準(zhǔn)(v5.0)[J];計(jì)算機(jī)安全;2010年10期

4 孟博,熊麗,陳浩然;基于PKI的電子商務(wù)安全研究[J];計(jì)算機(jī)工程與應(yīng)用;2002年11期

5 唐文,南相浩,陳鐘;基于橢圓曲線密碼系統(tǒng)的組合公鑰技術(shù)[J];計(jì)算機(jī)工程與應(yīng)用;2003年21期

6 佟曉筠,王翥,杜宇,岳銀亮;基于軟件安全混合加密技術(shù)的研究[J];計(jì)算機(jī)工程;2004年23期

7 崔國(guó)華,唐國(guó)富,洪帆;AES算法的實(shí)現(xiàn)研究[J];計(jì)算機(jī)應(yīng)用研究;2004年08期

8 楊君輝,戴宗鐸,楊棟毅,劉宏偉;一種橢圓曲線簽名方案與基于身份的簽名協(xié)議[J];軟件學(xué)報(bào);2000年10期

9 南相浩;陳華平;;組合公鑰(CPK)體制標(biāo)準(zhǔn)[J];信息安全與通信保密;2008年08期

10 周R寄，

本文編號(hào)：1743684