基于Z8HM2芯片的加密U盘的设计
|
摘要
随着信息技术的飞速发展,数据安全日益受到人们的重视。普通U盘具有容量大、低成本等优点,但是它存储的数据很容易被他人读出,无法满足大量数据安全存储应用的需求。本文充分考虑了各种应用需求的不同,从中抽象出一个可扩展的应用模型,并在这个应用模型的基础上设计了一个应用于大容量安全存储设备的加密U盘,它具有高安全性、可扩展性、可裁减性、易移植性等特点。当面对新的应用时,加密U盘可通过提供的SDK(Software Development Kit,即软件开发工具包)接口,上层仅做少量改动甚至不需要改动的情况下迅速满足应用的需求,因此能够大幅降低研发成本,为大容量安全存储市场各种不同的需求提供一个统一的解决方案。在系统架构的基础上进一步分析对USB设备初始化、BOT(Bulk Only Transport,批量数据传输协议)协议实现、SDK接口设计、客户端软件设计等内容进行分析,在国民技术安全加密芯片Z8HM2的基础上设计了一个加密U盘的整套方案并加以实现,提供了基础的U盘操作接口、客户端软件,并能够支持多种国际认证的硬件加密算法,如AES、SCB2等,能够广泛应用于移动办公、电子商务、电子政务、网络银行、云计算等领域。
As the rapid development of information technologies, much more emphasis was taken on the problem of data securities. With greater capacity and lower cost, however, USB disk is easy to be read by others and cannot satisfy the demands of security storage or applying of bulks of data. With the analysis of such demands at all areas in the market, the author has built an application model of extension possible, on which one secured U-Disk was designed, which has its standpoint of higher security, extension possibility, easy-going as well. On facing new applying and new hardware environment, secured U-Disk will easily meet the needs of applying via SDK (Software Development Kit) with a little or even without changes which will dramatically lower the cost, offering a uniform solution to numbers of demands of great capacity and security storage market. With a general narrate basis, the thesis explains USB device initialization, BOT (Bulk Only Transport) protocol implement, SDK interface design and client software for windows. Based on security IC named Z8HM2 of Nationz Technology Corporation, a full set of solutions were designed and realized, which provides basic functions of command control interface and client software, and enable to support manifold encrypt arithmetic identified by national secret bureau, such as AES, SCB2, one widely applied in the demands of mobile officing, electronic commerce, electronic government, internet bank as well as cloud computing and so on.
As the rapid development of information technologies, much more emphasis was taken on the problem of data securities. With greater capacity and lower cost, however, USB disk is easy to be read by others and cannot satisfy the demands of security storage or applying of bulks of data. With the analysis of such demands at all areas in the market, the author has built an application model of extension possible, on which one secured U-Disk was designed, which has its standpoint of higher security, extension possibility, easy-going as well. On facing new applying and new hardware environment, secured U-Disk will easily meet the needs of applying via SDK (Software Development Kit) with a little or even without changes which will dramatically lower the cost, offering a uniform solution to numbers of demands of great capacity and security storage market. With a general narrate basis, the thesis explains USB device initialization, BOT (Bulk Only Transport) protocol implement, SDK interface design and client software for windows. Based on security IC named Z8HM2 of Nationz Technology Corporation, a full set of solutions were designed and realized, which provides basic functions of command control interface and client software, and enable to support manifold encrypt arithmetic identified by national secret bureau, such as AES, SCB2, one widely applied in the demands of mobile officing, electronic commerce, electronic government, internet bank as well as cloud computing and so on.
引文
1.姜雪莲,司徒忠.基于单片机的嵌入式U盘控制器的设计与实现.机电工程技术. 2005, 34(4):79~81
2.付积存.安全U盘嵌入式系统的设计与实现.武汉:华中科技大学硕士论文2006:1~2.
3.陈尚义,周博,黄昀.移动存储介质安全管理技术的现状和发展趋势.信息安全与通信保密. 2009, 04
4.谢春龙.移动存储加密方式解析.中关村在线. 2010,08:2
5.陈纬,周培源,童敏.智能卡数据安全技术的研究.信息安全与通讯保密. 2002, 03:44~47
6.唐劲飞,可永敏,穆连运,王新华,赵祚德.基于Windows的USB设备开发.舰船电子工程. 2009,11:140~142
7. Dai Wei, Zhang Shen-sheng. A File Encryption Schema Based on Smart Card. Computer Simulation. 2005, 04:175~177
8.孙凌宇,冷明,彭宣戈.一种用户身份认证系统的形式化描述.计算机应用与软. 2009, 01:277~279
9.张九星.光驱技术杂谈.电脑采购周刊. 2005,15:5
10.叶君耀,王英连.基于硬件加密设备的身份认证协议的设计及安全性分析.科技信息. 2009, 34
11. Shooman. The reliability of error correcting code implementations. Reliability and Maintainability Symposium. 1996, 01:148
12.杨君.基于单片机的嵌入式USB主机系统的实现.微计算机信息. 2008, 14:93~100
13.国民技术项目组.国民技术Z8HM2用户可以定制应用的安全主控芯片.信息安全与通信保密. 2009, 11:1~5
14. Li Ying, ZhanXu, LuoY. A System of USB Access Control and Data Security. Microcomputer Applications. 2010, 06
15. Compaq, Hewlett-Packard, Intel, Lucent, Microsoft, NEC. PhilipsUniversal Serial Bus Specification Revision 2.0. 2000, 04:23~68
16. Saputra, Ozturk, Vijaykrishnan, Kandemir, Brooks. A data-driven approach for embedded security. VLSI, 2005. Proceedings. IEEE Computer Society Annual Symposium. 2005, 05:104
17. Omote, Kato. Protection and Recovery of Disk Encryption Key Using Smart Cards. Information Technology. 2008, 04:106
18.韩杰,王璐. USB Mass Storage类设备的设计与实现.可编程控制器与工厂自动化. 2009, 03:35~36
19.田奕.基于Mass Storage协议的USB接口设计.电子器件. 2005, 28:683~684
20.张鲁国,马自堂.智能卡操作系统中存储管理设计.微计算机信息. 2005, 21(9-3):22~23
21.张利华,朱灿焰,张其善.智能卡及其应用技术研究.微型计算机与应用. 2002, 12:4~6
22.毕进军,于志平,李伦.通过USBN 9603/P89C51平台实现USB接口硬件加密.微型机与应用. 2004, 23(4):27~28
23.孙庚,蒋国强. USB块传输设备的设计与实现.计算机工程. 2003, 29(6):180~18l
24.张维君,王威,任立鹏.基于MC9S12UF32加密U盘的研究与设计.信息科技. 2009, 19:128~129
25.刘栋栋,基于FameG+FS7805的加密优盘的设计与实现.苏州:苏州大学硕士论文. 2009:20~29
26.吴瀛,龚育昌,张为民.一种基于Flash的智能卡文件系统.计算机工程. 2005, 3l(6):55~56
27.罗钧,桂杰出. USB协议及其接口实现.仪器仪表学报. 2004, 25(4):616-617
28. Gerasimov, Zhuravlev, Pershin, Gerasimov. Design and implementation of a block storage multi-protocol converter. Mass Storage Systems and Technologies. 2003, 04:183
29. Epstein. Baumlin. Boulin. A RISC based SCSI interface for a protein crystallography detector. Nuclear Science. 1998, 45:1934
30. Asuncion Gamez-Perez, Oscar Corcho.Ontology Languages for the Semantic Web. IEEE Intelligent Systems, 2002, 17(1):56~60
31. Kari, Saikkonen, Lombardi. Detecting latent sector faults in modern SCSI disks. Modeling, Analysis, and Simulation of Computer and Telecommunication Systems. 1994, 02:403~408
32. Yun, Dill. A high-performance asynchronous SCSI controller. Computer Design. 1995, 10:42~45
33. Asuncion Gamez-Perez, Oscar Corcho. Ontology Languages for the Semantic Web. IEEE Intelligent Systems, 2002, 17(1):56~60
34. Ren Jin, Xie Chang sheng, LiWei. iSCSI Protocol and It's Implementation Under Linux. Mini-Micro Systems, 2003, 24(7):1183-1186
35. Zielski, Sosnowski. The SCSI interface conformance tests generation.Dependability of Computer Systems. 2007, 07:14~16
36.赵益民,张引,李元鹏.探地雷达信号的数据采集与显示研究.电子科技. 2010,04:50~53
37. Teng Gao, Yue-wei Ding, Si-chong Dai. Research of Access Control of USB Storage Device with Information Security in Unauthorized Internet Access Monitoring System. Computational Intelligence and Software Engineering. 2009, 12:1~5
38. USB Implementers Forum. Universal Serial Bus Mass Storage Class Bulk-Only Transport. 1999, 09:9~20
39.徐春青.基于嵌入式系统的USB开发与研究嵌入式USB存储系统的设计.无锡:江南大学硕士论文. 2008:20~30
40.薛春艳.基于USB接口的计算机信息采集系统的研究与设计.大连:大连海事大学硕士论文. 2006:40~45
41. Qinghua Zhang, A Security Design of Data Exchange Platform. Computer Science and Software Engineering. 2008,12:563
42. Chang CC, Liao WY. Remote Password Authentication Scheme. Computer & Security, 1994, 13(2):137~144
43. Gaohua Liao, Quanguo Lu , Weizhong Zhang. Design of Reusable Software for USB Host Driver in Embedded System. Computing, Control and Industrial Engineering (CCIE). 2010, 06:312
44. Gennaro R, Micali S. Verifiable Secret Sharing as Secure Computation. Lecture Notes in Computer Science, 1995:168~169
2.付积存.安全U盘嵌入式系统的设计与实现.武汉:华中科技大学硕士论文2006:1~2.
3.陈尚义,周博,黄昀.移动存储介质安全管理技术的现状和发展趋势.信息安全与通信保密. 2009, 04
4.谢春龙.移动存储加密方式解析.中关村在线. 2010,08:2
5.陈纬,周培源,童敏.智能卡数据安全技术的研究.信息安全与通讯保密. 2002, 03:44~47
6.唐劲飞,可永敏,穆连运,王新华,赵祚德.基于Windows的USB设备开发.舰船电子工程. 2009,11:140~142
7. Dai Wei, Zhang Shen-sheng. A File Encryption Schema Based on Smart Card. Computer Simulation. 2005, 04:175~177
8.孙凌宇,冷明,彭宣戈.一种用户身份认证系统的形式化描述.计算机应用与软. 2009, 01:277~279
9.张九星.光驱技术杂谈.电脑采购周刊. 2005,15:5
10.叶君耀,王英连.基于硬件加密设备的身份认证协议的设计及安全性分析.科技信息. 2009, 34
11. Shooman. The reliability of error correcting code implementations. Reliability and Maintainability Symposium. 1996, 01:148
12.杨君.基于单片机的嵌入式USB主机系统的实现.微计算机信息. 2008, 14:93~100
13.国民技术项目组.国民技术Z8HM2用户可以定制应用的安全主控芯片.信息安全与通信保密. 2009, 11:1~5
14. Li Ying, ZhanXu, LuoY. A System of USB Access Control and Data Security. Microcomputer Applications. 2010, 06
15. Compaq, Hewlett-Packard, Intel, Lucent, Microsoft, NEC. PhilipsUniversal Serial Bus Specification Revision 2.0. 2000, 04:23~68
16. Saputra, Ozturk, Vijaykrishnan, Kandemir, Brooks. A data-driven approach for embedded security. VLSI, 2005. Proceedings. IEEE Computer Society Annual Symposium. 2005, 05:104
17. Omote, Kato. Protection and Recovery of Disk Encryption Key Using Smart Cards. Information Technology. 2008, 04:106
18.韩杰,王璐. USB Mass Storage类设备的设计与实现.可编程控制器与工厂自动化. 2009, 03:35~36
19.田奕.基于Mass Storage协议的USB接口设计.电子器件. 2005, 28:683~684
20.张鲁国,马自堂.智能卡操作系统中存储管理设计.微计算机信息. 2005, 21(9-3):22~23
21.张利华,朱灿焰,张其善.智能卡及其应用技术研究.微型计算机与应用. 2002, 12:4~6
22.毕进军,于志平,李伦.通过USBN 9603/P89C51平台实现USB接口硬件加密.微型机与应用. 2004, 23(4):27~28
23.孙庚,蒋国强. USB块传输设备的设计与实现.计算机工程. 2003, 29(6):180~18l
24.张维君,王威,任立鹏.基于MC9S12UF32加密U盘的研究与设计.信息科技. 2009, 19:128~129
25.刘栋栋,基于FameG+FS7805的加密优盘的设计与实现.苏州:苏州大学硕士论文. 2009:20~29
26.吴瀛,龚育昌,张为民.一种基于Flash的智能卡文件系统.计算机工程. 2005, 3l(6):55~56
27.罗钧,桂杰出. USB协议及其接口实现.仪器仪表学报. 2004, 25(4):616-617
28. Gerasimov, Zhuravlev, Pershin, Gerasimov. Design and implementation of a block storage multi-protocol converter. Mass Storage Systems and Technologies. 2003, 04:183
29. Epstein. Baumlin. Boulin. A RISC based SCSI interface for a protein crystallography detector. Nuclear Science. 1998, 45:1934
30. Asuncion Gamez-Perez, Oscar Corcho.Ontology Languages for the Semantic Web. IEEE Intelligent Systems, 2002, 17(1):56~60
31. Kari, Saikkonen, Lombardi. Detecting latent sector faults in modern SCSI disks. Modeling, Analysis, and Simulation of Computer and Telecommunication Systems. 1994, 02:403~408
32. Yun, Dill. A high-performance asynchronous SCSI controller. Computer Design. 1995, 10:42~45
33. Asuncion Gamez-Perez, Oscar Corcho. Ontology Languages for the Semantic Web. IEEE Intelligent Systems, 2002, 17(1):56~60
34. Ren Jin, Xie Chang sheng, LiWei. iSCSI Protocol and It's Implementation Under Linux. Mini-Micro Systems, 2003, 24(7):1183-1186
35. Zielski, Sosnowski. The SCSI interface conformance tests generation.Dependability of Computer Systems. 2007, 07:14~16
36.赵益民,张引,李元鹏.探地雷达信号的数据采集与显示研究.电子科技. 2010,04:50~53
37. Teng Gao, Yue-wei Ding, Si-chong Dai. Research of Access Control of USB Storage Device with Information Security in Unauthorized Internet Access Monitoring System. Computational Intelligence and Software Engineering. 2009, 12:1~5
38. USB Implementers Forum. Universal Serial Bus Mass Storage Class Bulk-Only Transport. 1999, 09:9~20
39.徐春青.基于嵌入式系统的USB开发与研究嵌入式USB存储系统的设计.无锡:江南大学硕士论文. 2008:20~30
40.薛春艳.基于USB接口的计算机信息采集系统的研究与设计.大连:大连海事大学硕士论文. 2006:40~45
41. Qinghua Zhang, A Security Design of Data Exchange Platform. Computer Science and Software Engineering. 2008,12:563
42. Chang CC, Liao WY. Remote Password Authentication Scheme. Computer & Security, 1994, 13(2):137~144
43. Gaohua Liao, Quanguo Lu , Weizhong Zhang. Design of Reusable Software for USB Host Driver in Embedded System. Computing, Control and Industrial Engineering (CCIE). 2010, 06:312
44. Gennaro R, Micali S. Verifiable Secret Sharing as Secure Computation. Lecture Notes in Computer Science, 1995:168~169