Method for protecting information from unauthorized access and device for its implementation (variants)

 

The invention relates to the field of information security with cryptographic transformation of data. The technical result is an increase in the strength and efficiency of information security. The device includes a computer interface unit, a non-volatile key memory, a functional block of converters of input data into encrypted and decrypted data, a key transport unit and a key generator. The method describes the operation of the device. 4 independent and 13 dependent claims, 7 figures.

Description text in facsimile form (see graphic part).

Claims

1. A method for protecting information from unauthorized access, based on generating a key in an external device that is physically protected from unauthorized access and adapted for connection to a computer, and subsequently encrypting and decrypting data using the key stored in the memory of the external device.

2. The method according to claim 1, characterized in that the key is generated using pseudo-random sequence signals and signals of external random effects with subsequent automatic Prov characterized in that the pseudo-random sequence signals are formed using a continuously running cyclic timer, and the signals of external random effects are formed by generating a random code at non-periodic time intervals.

4. A method for protecting information from unauthorized access, based on generating a key that is stored in the memory of an external device adapted for connection to a computer, and the interpretation of information using the key in the external device, characterized in that the key for data and information exchange between subscribers is generated in the external device of one of the subscribers, it is encrypted with a system key pre-stored in the system key memory of all subscribers' devices, the encrypted key is transmitted to the other subscriber and decrypted at the other subscriber, and encryption is performed using the key in the external devices of each of the subscribers.

5. The method according to claim 4, characterized in that the keys are generated using pseudo-random sequence signals and signals of external random effects with subsequent automatic scan key on Otsu is the pseudo-random sequence signals are formed using a continuously running cyclic counter, and the signals of external random effects are formed by generating a random code at non-periodic time intervals.

7. A device for protecting information from unauthorized access, containing a computer interface unit, the first input of which is the input of the device connected to the data input/output port of the computer, a non-volatile key memory, the first input of which is connected to the first output of the computer interface unit, and a functional block of converters of input data into encrypted and decrypted data, the output of which is connected to the second input of the computer interface unit, characterized in that a key generator is introduced, the first and second inputs of which are connected respectively to the third and fourth outputs of the computer interface unit, the second output of which is connected to the second input of the non-volatile key memory, the fifth output is connected to the first input of the functional block of converters of input data into encrypted and decrypted data and to the third input of the key generator, the sixth output is connected to the second input of the functional block of converters of input data into encrypted and decrypted data, and the seventh output is an output of the device connected to poor keys and the output of the non-volatile key memory is connected to the third input of the functional block of converters of input data into encrypted and decrypted data.

8. The device according to claim 7, characterized in that the computer interface unit contains an information reception and transmission unit, the first and second inputs of which are the first and second inputs of the computer interface unit, the first output of the information reception and transmission unit is the seventh output of the computer interface unit, the second output is connected to the first inputs of the function decoder, the key address register, the access password register, the password comparison circuit and the activity timer of the device for protecting information from unauthorized access and is the fifth output of the computer interface unit, the third output is connected to the second input of the key address register, and its fourth output is the fourth output of the computer interface unit, the second input of the function decoder is connected to the output of the activity timer of the device for protecting information from unauthorized access, the first, second and third outputs of the function decoder are, respectively, the second, third and sixth outputs of the computer interface unit, the fourth output of the function decoder podklyuchaya, the output of which is connected to the third input of the password comparison circuit, and its output is connected to the second input of the activity timer of the device for protecting information from unauthorized access, while the output of the key address register is the first output of the computer interface unit.

9. The device according to claim 7, wherein the key generator contains a pseudo-random sequence signal generator, the first input of which is connected to the output of a cyclic timer, the second input is the first input of the key generator, the third input is the third input of the key generator, and the fourth input is connected to the output of an interval timer, the input of which is the second input of the key generator, while the output of the pseudo-random sequence signal generator is the output of the key generator.

10. The device according to claim 7, characterized in that the functional block of converters of input data into encrypted and decrypted data contains an information encryption block, the first input is the first input of the functional block of converters of input data into encrypted and decrypted data, combined with the first inputs of the information encryption block and block deshifrirovaniya and decrypted data, combined with the second inputs of the information encryption block and the information decoding block, the third input is the third input of the functional block of converters of input data into encrypted and decrypted data, combined with the third inputs of the information encryption block and the information decoding block, and the output of the information encryption block is combined with the output of the information decoding block and is the output of the functional block of converters of input data into encrypted and decrypted data.

11. The device according to claim 7, characterized in that it is implemented in an environment physically protected from unauthorized access, for example in a single-chip microcontroller.

12. A device for protecting information from unauthorized access, containing a computer interface unit, the first input of which is the input of the device connected to the data input/output port of the computer, a non-volatile key memory, the first input of which is connected to the first output of the computer interface unit, and a functional block of converters of input data into encrypted and decrypted data and an electronic signature code, the output of which is connected to the second input of the computer interface unit, ogogo connected respectively to the third and fourth outputs of the computer interface unit, the second output of which is connected to the second input of the non-volatile key memory, the fifth output is connected to the first input of the functional block of converters of input data into encrypted and decrypted data and an electronic signature code, to the third input of the key generator and to the first input of the key transport unit, the sixth output is connected to the second input of the functional block of converters of input data into encrypted and decrypted data and an electronic signature code, the seventh output is an output of the device connected to the data input/output port of the computer, and the eighth output is connected to the second input of the key transport unit, wherein the third input of the non-volatile key memory is combined with the third input of the key transport unit and the output of the key generator, and its fourth input is connected to the first output of the key transport unit, and the output of the non-volatile key memory is connected to the third input of the functional block of converters of input data into encrypted and decrypted data and an electronic signature code, the output of which is combined with the output of the key transport unit and the second input of the computer interface unit.

13. The device according to claim 12, characterized Thea first and second inputs of the computer interface unit, the first output of the information reception and transmission unit is the seventh output of the computer interface unit, the second output is connected to the first inputs of the function decoder, the key address register, the access password register, the password comparison circuit and the activity timer of the device for protecting information from unauthorized access and is the fifth output of the computer interface unit, the third output of the information reception and transmission unit is connected to the second input of the key address register, and its fourth output is the fourth output of the computer interface unit, the second input of the function decoder is connected to the output of the activity timer of the device for protecting information from unauthorized access, the first, second, third and sixth outputs of the function decoder are, respectively, the second, third, sixth and eighth outputs of the computer interface unit, the fourth output of the function decoder is connected to the second input of the password comparison circuit, and its fifth output is connected to the second input of the access password register, the output of which is connected to the third input of the password comparison circuit, the output of which is connected to the second input of the activity timer of the device for protecting information from unauthorized access, itcauses fact, what the key generator contains a pseudo-random sequence signal generator, the first input of which is connected to the output of a cyclic timer, the second input is the first input of the key generator, the third input is the third input of the key generator, and the fourth input is connected to the output of an interval timer, the input of which is the second input of the key generator, while the output of the pseudo-random sequence signal generator is the output of the key generator.

15. The device according to claim 12, characterized in that the functional block of converters of input data into encrypted and decrypted data and an electronic signature code contains an information encryption block, the first input is the first input of the functional block of converters of input data into encrypted and decrypted data and an electronic signature code, combined with the first inputs of the information decoding block, the digital signature verification block and the digital signature generation block, the second input is the second input of the functional block of converters of input data into encrypted and decrypted data and an electronic signature code, combined with the second inputs of the authorized digital signature, the third input is the third input of the functional block of converters of input data into encrypted and decrypted data and an electronic signature code, combined with the third inputs of the information decoding block and the digital signature generation block, while the output of the information encryption block is combined with the outputs of the information decoding block, the digital signature verification block and the digital signature generation block and is the output of the functional block of converters of input data into encrypted and decrypted data and an electronic signature code.

16. The device according to claim 12, characterized in that the key transport unit contains a system key memory, the output of which is connected to the first inputs of the key encryption block and the key decryption block, the second input is combined with the second input of the key encryption block and the second input of the key transport unit, the third input of the key encryption block is the third input of the key transport unit, and the third input of the key decryption block is the first input of the key transport unit, and the output of the key encryption block is the second output unit Tr is she.

17. The device according to claim 12, characterized in that it is implemented in an environment physically protected from unauthorized access, for example in a single-chip microcontroller.
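
The key transport described in claim 4, modelled as an added example that is not part of the patent text: one subscriber's device generates the exchange key, wraps it under the system key held by all devices, and the other subscriber's device unwraps it before data is encrypted. The `Device` class, the key sizes and the HMAC-SHA256 keystream with an authentication tag are assumptions standing in for the device cipher; the claims name no algorithm and no integrity check.

```python
import hashlib
import hmac
import secrets

KEY_LEN, NONCE_LEN, TAG_LEN = 32, 16, 32  # sizes are assumptions

def _prf(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor_stream(key: bytes, nonce: bytes, data: bytes) -> bytes:
    # HMAC-SHA256 in counter mode as keystream (stand-in for the device cipher)
    blocks = (len(data) + 31) // 32
    stream = b"".join(_prf(key, nonce + i.to_bytes(4, "big")) for i in range(blocks))
    return bytes(d ^ s for d, s in zip(data, stream))

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC; returns nonce || ciphertext || tag
    nonce = secrets.token_bytes(NONCE_LEN)
    ct = _xor_stream(_prf(key, b"enc"), nonce, plaintext)
    return nonce + ct + _prf(_prf(key, b"mac"), nonce + ct)

def open_sealed(key: bytes, blob: bytes) -> bytes:
    # Check the tag in constant time, then decrypt; ValueError on any failure
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, _prf(_prf(key, b"mac"), nonce + ct)):
        raise ValueError("authentication failed")
    return _xor_stream(_prf(key, b"enc"), nonce, ct)

class Device:
    # Hypothetical model of one subscriber's external device
    def __init__(self, system_key: bytes):
        self._system_key = system_key  # pre-stored in every subscriber's device
        self._key = None               # exchange key; leaves the device only wrapped

    def generate_and_wrap(self) -> bytes:
        # Generate the exchange key inside the device and return it encrypted
        self._key = secrets.token_bytes(KEY_LEN)
        return seal(self._system_key, self._key)

    def unwrap(self, wrapped: bytes) -> None:
        self._key = open_sealed(self._system_key, wrapped)

    def encrypt(self, data: bytes) -> bytes:
        return seal(self._key, data)

    def decrypt(self, blob: bytes) -> bytes:
        return open_sealed(self._key, blob)

def demo() -> bool:
    system_key = secrets.token_bytes(KEY_LEN)  # constructed sample value
    a, b, other = Device(system_key), Device(system_key), Device(system_key)
    wrapped = a.generate_and_wrap()            # subscriber A -> subscriber B
    b.unwrap(wrapped)
    ok = b.decrypt(a.encrypt(b"constructed message")) == b"constructed message"
    other.unwrap(wrapped)  # every device holding the system key can unwrap too
    return ok and other._key == a._key
```

Because one system key is stored in every subscriber's device, any such device can recover a transported key, so the confidentiality of all exchanged keys depends on the system key never leaving the devices.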

 
