WO2024245301A1 - Information management method and apparatus, and electronic device - Google Patents

Abstract

The present application belongs to the technical field of communications. Disclosed are an information management method and apparatus, and an electronic device. The method comprises: storing key-related information in a replay protected memory block (RPMB), wherein the key-related information comprises a first parameter or first ciphertext, the first parameter is used for encrypting a synthesis key, and the first ciphertext is ciphertext obtained by encrypting the synthesis key; and when an instruction for indicating the deletion of user data is received, calling an RPMB erasure function, and physically erasing the key-related information stored in the RPMB, wherein the key-related information is used for determining a key for encrypting the user data.

Description

Information management method, device and electronic equipment

CROSS-REFERENCE TO RELATED APPLICATIONS

This application claims priority to the Chinese patent application filed with the China Patent Office on May 30, 2023, with application number 202310619851.3 and title “Information Management Method, Device and Electronic Device”, the entire contents of which are incorporated by reference into this application.

Technical Field

The present application belongs to the field of communication technology, and specifically relates to an information management method, device and electronic equipment.

Background Art

At present, people often use mobile electronic devices such as mobile phones to handle daily affairs, so a large amount of user-related information and data are usually stored in electronic devices. When an electronic device is lost or stolen, the user information and data on it are also at great risk of leakage. In the prior art, a full disk overwrite method is often used to force the internal controller of the flash memory to immediately call the physical erase mechanism to completely delete user data to prevent user privacy leakage. For example, for a 128G flash memory, the entire flash memory can be overwritten by writing about 128G of random numbers to achieve the purpose of physical erasure. However, this physical erasure method has strict requirements on time, power, and whether interruptions are allowed during operation. For example, it takes at least 10 minutes to completely overwrite a 128G flash memory, and the device is required to be connected to the power supply, and interruptions are not allowed during the full disk overwrite. Therefore, when it is necessary to delete user data on electronic devices such as mobile phones, it is easily limited by factors such as time, power, and uncontrolled devices, resulting in a low success rate of physical erasure by completely overwriting the flash memory through remote control.

Summary of the invention

The purpose of the embodiments of the present application is to provide an information management method, device and electronic device, which can solve the problem in the prior art that when user data on an electronic device needs to be deleted, the success rate of physical erasure by completely overwriting is low.

In a first aspect, an embodiment of the present application provides an information management method, including:

The key-related information is stored in a replay protection memory block RPMB, wherein the key-related information includes a first parameter or a first ciphertext, the first parameter is used to encrypt the synthetic key, and the first ciphertext is the ciphertext obtained by encrypting the synthetic key;

In case of receiving an instruction for deleting user data, the RPMB erase function is called to physically erase the key-related information stored in the RPMB, wherein the key-related information is used to determine the key for encrypting the user data.

In a second aspect, an embodiment of the present application provides an information management device, including:

A storage module, configured to store key-related information in a replay protection memory block RPMB, wherein the key-related information includes a first parameter or a first ciphertext, the first parameter is used to encrypt a synthetic key, and the first ciphertext is a ciphertext encrypted from the synthetic key;

An erasure module is used to call the RPMB erasure function upon receiving an instruction to delete user data, and physically erase the key-related information stored in the RPMB, wherein the key-related information is used to determine the key for encrypting the user data.

In a third aspect, an embodiment of the present application provides an electronic device, which includes a processor and a memory, wherein the memory stores programs or instructions that can be run on the processor, and when the program or instructions are executed by the processor, the steps of the information management method described in the first aspect are implemented.

In a fourth aspect, an embodiment of the present application provides a readable storage medium, on which a program or instruction is stored, and when the program or instruction is executed by a processor, the steps of the information management method described in the first aspect are implemented.

In a fifth aspect, an embodiment of the present application provides a chip, comprising a processor and a communication interface, wherein the communication interface is coupled to the processor, and the processor is used to run programs or instructions to implement the information management method as described in the first aspect.

In a sixth aspect, an embodiment of the present application provides a computer program product, which is stored in a storage medium and is executed by at least one processor to implement the information management method as described in the first aspect.

In a seventh aspect, an embodiment of the present application provides an electronic device, which is configured to execute the method described in the first aspect.

In an embodiment of the present application, key-related information is stored in a replay protection memory block RPMB, wherein the key-related information includes a first parameter or a first ciphertext, wherein the first parameter is used to encrypt a synthetic key, and the first ciphertext is a ciphertext encrypted from the synthetic key; upon receiving an instruction for instructing to delete user data, the RPMB erase function is called to physically erase the key-related information stored in the RPMB, wherein the key-related information is used to determine the key for encrypting the user data. In this way, by changing the key-related information related to user data to be stored in the RPMB, when it is necessary to delete user data on an electronic device, it is possible to control the call of the RPMB erase function to quickly physically erase the key-related information stored in the RPMB, thereby achieving the purpose of quickly and securely deleting user data.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG1 is a schematic diagram of an existing CE key protection method;

FIG2 is a schematic diagram of the existing functional framework for obtaining a CE key;

3 is a flow chart of an information management method provided in an embodiment of the present application;

FIG4 is a schematic diagram of an improved CE key protection method provided in an embodiment of the present application;

FIG5 is one of the schematic diagrams of the improved functional framework for obtaining the CE key provided in an embodiment of the present application;

FIG6 is a second schematic diagram of the improved functional framework for obtaining a CE key provided in an embodiment of the present application;

7 is a schematic diagram of the structure of an information management device provided in an embodiment of the present application;

FIG8 is a schematic diagram of the structure of an electronic device provided in an embodiment of the present application;

FIG. 9 is a schematic diagram of the hardware structure of an electronic device provided in an embodiment of the present application.

Specific embodiments

The following will be combined with the drawings in the embodiments of the present application to clearly describe the technical solutions in the embodiments of the present application. Obviously, the described embodiments are part of the embodiments of the present application, rather than all the embodiments. All other embodiments obtained by ordinary technicians in this field based on the embodiments in the present application belong to the scope of protection of this application.

The terms "first", "second", etc. in the specification and claims of the present application are used to distinguish similar objects, and are not used to describe a specific order or sequence. It should be understood that the data used in this way can be interchangeable under appropriate circumstances, so that the embodiments of the present application can be implemented in an order other than those illustrated or described here, and the objects distinguished by "first", "second", etc. are generally of one type, and the number of objects is not limited. For example, the first object can be one or more. In addition, "and/or" in the specification and claims represents at least one of the connected objects, and the character "/" generally indicates that the objects associated with each other are in an "or" relationship.

In order to make the embodiments of the present application clearer, the relevant background technology knowledge involved in the embodiments of the present application is first introduced as follows:

Android 7.0 and higher versions support file-based encryption (FBE), which can generate a key for each file, that is, generate a per-file key, and then use the key to encrypt and decrypt the specified file to achieve the purpose of protecting the file.

The unique key of each file, i.e., the per-file key, is ultimately derived from the user credential encrypted (CE) key through multiple layers of transformation. Therefore, in order to ensure the data security on the terminal, it is necessary to ensure the security of the CE key first. In the prior art, the protection method of the CE key is shown in Figure 1, and is as follows:

1. When the terminal is powered on for the first time, perform the following operations:

1) The key management (Keymaster) of the terminal trusted execution environment (TEE) and the trusted application (TA) automatically generate the disk encryption (DE) key and CE key;

2) When the lock screen password is not set, Keymaster TA generates keymaster_key_blob, encrypts the CE key, obtains the CE key ciphertext EN_blob, and stores the ciphertext in the user data area (User Data Area, UDA) of the flash memory.

2. When setting the lock screen password for the first time, perform the following operations:

1) Obtain user credentials entered by the user, i.e., Personal Identification Number (PIN)/Password/Pattern;

2) Encrypt and protect the CE key as follows:

The application framework in the Rich Execution Environment (REE) of the mobile device calls the main central processing unit (CPU) to generate two random numbers, namely P0 and P1, and derives the synthetic key (Synthetic Password) through the hash function (Hash);

REE sends the synthetic key, CE key ciphertext EN_blob, keymaster_key_blob, etc. to TEE;

In TEE, Keymaster TA uses keymaster_key_blob to decrypt CE key ciphertext EN_blob to obtain plaintext CE key; then uses the synthetic key to re-encrypt CE key to obtain CE key ciphertext EN_sp, and deletes keymaster_key_blob;

Store the CE key ciphertext EN_sp in the user data area UDA of the flash memory;

3) The synthetic key is encrypted and protected as follows:

First, the synthetic key is encrypted for the first time, including the following operations:

The application framework in REE calls the main CPU to generate a random number, namely secdis; the gatekeeper module in REE generates a password token (PasswordToken) through the key derivation function (KDF) according to the user credentials entered by the user; gatekeeperd in REE sends a message to the gatekeeper TA in TEE, which contains PasswordToken, secdis, user identifier (User Identifier, UID), etc.

After receiving the message, the gatekeeper TA in TEE generates a secure identifier (SID), which is a 64-bit random number used to identify the user credential type; it derives key 1 (key1) through a hash function based on PasswordToken and secdis; the Keymaster TA in TEE uses key1 to encrypt the synthetic key for the first time and obtains the synthetic key ciphertext EN_key1, which is spblob_key1.

The synthetic key is then encrypted for the second time, including the following operations:

TEE obtains the Hardware Unique Key (HUK); generates other parameters 1 and other parameters 2, which include random numbers, device information, etc.; Keymaster TA derives the keymaster's root key KM based on HUK and other parameters 1 through the key generation function KDF; Keymaster TA derives the security key (secretKey), namely key 2 (key2), based on KM, security identifier SID and other parameters 2 through the key generation function KDF, where the security identifier SID and other parameters 2 will be stored in the user data area UDA of the flash memory through the keystore; Keymaster uses key2 to encrypt the composite key for the second time and obtains the ciphertext EN_key2 of EN_key1/spblob_key1, which is spblob; the security identifier SID and spblob are stored in the user data area UDA of the flash memory.

3. When verifying the lock screen password, install the CE key into the kernel keyring, as shown in Figure 2, and perform the following operations:

1) Get the input user credentials (i.e. PIN/Password/Pattern);

2) gatekeeperd in REE generates PasswordToken based on the user credentials entered by the user;

3) gatekeeperd in REE sends PasswordToken to gatekeeper TA in TEE. Gatekeeper TA verifies PasswordToken. After successful verification, gatekeeper TA generates an authentication token (AuthToken) and returns AuthToken to gatekeeperd in REE.

4) gatekeeperd in REE sends the token AuthToken and security identifier SID to the keystore;

5) keystore obtains the synthetic key ciphertext spblob and CE key ciphertext EN_sp from the flash user data area UDA according to SID;

6) Keystore sends AuthToken, security identifier SID, synthetic key ciphertext spblob and CE key ciphertext EN_sp to Keymaster TA in TEE;

7) Keymaster TA verifies AuthToken. After successful verification, it performs the following operations:

The hardware unique key HUK, other parameters 1, other parameters 2 and security identifier SID are obtained; the Keymaster TA derives the keymaster root key KM based on HUK and other parameters 1 through the key generation function KDF; the Keymaster TA derives the secretKey, that is, key2*, based on KM, security identifier SID and other parameters 2 through the key generation function KDF.

8) Keymaster TA uses key key2* to decrypt the synthetic key ciphertext spblob (i.e. EN_key2) to obtain spblob*;

9)Keymaster TA derives the key key1* based on PasswordToken;

10) Keymaster TA uses key key1* to decrypt spblob* and obtain the composite key;

11) Keymaster TA uses the synthetic key to decrypt the CE key ciphertext EN_sp to obtain the CE key;

12) Keymaster TA uses a temporary key (TK) (TEE will regenerate a TK each time the device is turned on) to encrypt the CE key, obtain the CE key ciphertext EN_tk, and then install the CE key ciphertext EN_tk into the Kernel keyring; or, Keymaster TA directly installs the plaintext CE key into the Kernel keyring. In this case, the CE key is at risk of leakage.

4. When reading and writing files, the hardware encryption engine (Inline Crypto Engine, ICE) encrypts and decrypts the file based on the file key and performs the following operations:

1) As shown in Figure 2, when the disk is actually read or written (Block IO), before the read or write operation is initiated, a series of callback functions are used to find the key information stored in the file system index node (inode), such as CE key ciphertext EN_tk, file information, etc., and send the key information to the Keymaster TA;

2) Keymaster TA will use the temporary key TK to decrypt the CE key ciphertext EN_tk, and further derive the file key based on the file information, and then set the plaintext of the file key to the hardware register of ICE through the functional modules in Figure 2, such as Universal Flash Storage (UFS), UFS driver, ICE driver, Per-File-Encryption (PFE) driver, Keymaster key management, etc.;

3) After the file key is set to the hardware register of ICE, the storage controller will initiate the actual read and write operation, and the file content data can be correctly decrypted or encrypted according to the file key.

5. When changing the lock screen password, the CE key remains unchanged and the synthetic key will not be regenerated. Instead, the synthetic key will be re-encrypted using the key generated by the new lock screen password. Perform the following operations:

1) According to the original user credentials, decrypt to obtain the synthetic key plaintext:

First, the synthetic key ciphertext spblob is decrypted for the first time by the following operation:

Obtain the hardware unique key HUK, other parameters 1, other parameters 2, and security identifier SID; Keymaster TA derives the keymaster's root key KM through the key generation function KDF based on HUK and other parameters 1; Keymaster TA derives secretKey, i.e. key2*, through the key generation function KDF based on KM, security identifier SID and other parameters 2; Use key key2* to decrypt the synthetic key ciphertext spblob (i.e. ciphertext EN_key2) to obtain spblob*;

Then decrypt the synthetic key ciphertext spblob for the second time through the following operations:

Generate PasswordToken_o through the key generation function KDF based on the original user credentials; gatekeeperd in REE will send a message to gatekeeper TA in TEE, which contains PasswordToken_o, secdis, user identifier UID, etc.; gatekeeper TA derives the key key1_o through the hash function based on PasswordToken_o and secdis; use the key key1_o to decrypt spblob* to obtain the plaintext synthetic key.

2) Re-encrypt the synthesized key based on the newly entered user credentials:

First, encrypt the synthetic key for the first time by doing the following:

In REE, gatekeeperd generates PasswordToken_n through the key generation function KDF according to the new user credentials input by the user; gatekeeperd in REE sends a message to gatekeeper TA in TEE, which contains PasswordToken_n, secdis, user identifier UID, etc.; gatekeeper TA derives the key key1_n through the hash function according to PasswordToken_n and secdis; key key1_n is used to encrypt the synthetic key for the first time to obtain the synthetic key ciphertext EN_key1_n, which is spblob_key1_n;

Next, encrypt the synthesized key a second time by doing the following:

The keymaster uses the key key2* obtained in the previous step of "decrypting the synthetic key ciphertext spblob for the first time" to encrypt the synthetic key for the second time to obtain the ciphertext EN_key2*, which is spblob_n.

It can be seen that in the prior art, the ciphertext of the CE key and the ciphertext of the synthetic key used to encrypt the CE key are both stored in the UDA of the flash memory. If the electronic device is stolen or lost, the user's important information may be leaked. Because the security strength of the 4-digit or 6-digit PIN/Password/Pattern, fingerprint, etc. is limited, the attacker may obtain the CE key by brute-forcing the PIN/Password/Pattern, fingerprint, etc., and then obtain the user information, causing the user information to be leaked.

At present, flash memory is used to store user data on electronic devices. One feature of flash memory is that when writing data, the storage space needs to be erased before writing the data, that is, off-site update, that is, writing the updated data to a free storage page instead of the storage page where the original data is located. Therefore, the original data cannot be overwritten by overwriting (except for full disk overwriting) to make it invalid, but the original data will continue to exist for a period of time, that is, until the flash memory controller physically erases it through the relevant algorithm, the original data will become inaccessible.

Since the flash memory is updated off-site, it is unlikely to prevent user data leakage by physically deleting the CE key ciphertext and/or the synthetic key ciphertext through remote control when the electronic device is stolen or lost, because the CE key ciphertext and the synthetic key ciphertext are stored in the UDA of the flash memory, and the flash memory does not support physical erasure of the specified data. Of course, full disk overwrite can also be performed. For example, for a 128G flash memory, the entire flash memory is overwritten by writing about 128G of random numbers to achieve the purpose of physical erasure. However, this physical erasure method has strict requirements on time (such as 128G flash memory, full overwrite takes at least 10 minutes), device power (such as requiring the device to be connected to the power supply), whether interruption is allowed during operation (such as no interruption is allowed when the full disk is overwritten), etc. Therefore, when the electronic device is stolen or lost, due to the small time window, limited device power, and uncontrolled device, it is unlikely to achieve successful physical erasure by fully overwriting the flash memory through remote control.

In order to increase the possibility of successful secure deletion of user data when an electronic device is stolen or lost, it is necessary to physically erase specified data such as CE key ciphertext and synthetic key ciphertext within a short period of time to prevent user data leakage.

Normally, UFS flash memory is divided into 4 partitions, and there are two main partitions related to this application, namely the user data area UDA and the replay protected memory block (RPMB). In order to extend the service life of UFS flash memory, the command for physical erasure of flash memory is limited to the flash memory controller's internal self-calling according to relevant algorithms such as wear leveling algorithm, and is not provided for external calls. However, starting with UFS 4.0 (released in December 2022), the RPMB partition of flash memory can provide an RPMB erase (Purge) application programming interface (API) to the outside, supporting external calls to the API to physically erase data in RPMB.

Currently, both the CE key ciphertext and the synthetic key ciphertext exist in the UDA of the flash memory. However, the UDA does not provide a physical erase API to the outside world. Therefore, you can consider storing the CE key ciphertext and the synthetic key ciphertext in the RPMB partition. When necessary, you can call the RPMB Purge API to physically erase them, thereby achieving the purpose of securely deleting user data.

However, changing the CE key ciphertext and synthetic key ciphertext from the original UDA partition to the RPMB partition requires major changes to the original system. In particular, when storing the CE key ciphertext in the RPMB partition, it is necessary to modify the keystore in REE, the keymaster in TEE and other functional modules, and the messages between functional modules also need to be modified. In addition, the RPMB partition is small, and the same user has multiple CE keys, and different users have different CE keys and synthetic keys. Therefore, their ciphertexts will occupy more space in the RPMB partition.

In order to reduce the implementation cost, it is necessary to be compatible with the original implementation as much as possible, that is, to achieve secure deletion of user data with minimal changes to the original implementation. Therefore, the present application improves the key management of the file system by generating a new parameter, which is stored in the RPMB partition; the encryption key of the synthetic key is derived based on the newly generated parameter. When user data needs to be deleted in scenarios such as electronic equipment being lost or stolen, it is only necessary to remotely control the call of the RPMB Purge API to physically erase the newly generated parameter, so that it is impossible to decrypt and obtain the synthetic key, and then it is impossible to decrypt and obtain the CE key, and finally the user data cannot be accessed, reducing the possibility of user data leakage. Since only a newly generated parameter needs to be physically erased, the implementation efficiency is very high, which can fully meet the user's needs to immediately and securely delete user data when the electronic device is lost or stolen. In addition, the present application also designs an optional solution to store the ciphertext of the synthetic key in the RPMB partition, and immediately remotely and physically erase the ciphertext of the synthetic key when the electronic device is lost or stolen. However, if there are multiple user accounts on the same terminal, it is necessary to store the ciphertext of multiple synthetic keys, and when physically erasing, it is necessary to erase the ciphertext of all synthetic keys in the RPMB.

The information management method provided by the embodiment of the present application is described in detail below through specific embodiments and their application scenarios in conjunction with the accompanying drawings.

Please refer to FIG. 3, which is a flow chart of an information management method provided in an embodiment of the present application. As shown in FIG. 3, the method includes the following steps:

Step 301: Store key-related information in a replay protection memory block RPMB, wherein the key-related information includes a first parameter or a first ciphertext, the first parameter is used to encrypt a synthetic key, and the first ciphertext is a ciphertext obtained by encrypting the synthetic key.

In the embodiments of the present application, RPMB can provide an RPMB Purge API to support external calls to the API to physically erase the data in RPMB, so as to achieve the purpose of safely and quickly deleting user data by physically erasing key-related information related to the user data when user data needs to be deleted in scenarios such as when the electronic device is stolen or lost.

To this end, the embodiments of the present application provide two solutions. One is to improve the key management of the file system, that is, by generating a new parameter, namely the first parameter, which can also be called the synthetic key protection factor, and using the parameter to participate in the encryption process of the synthetic key, and then storing the parameter in the RPMB partition. When the user data needs to be deleted in the scenario of electronic device loss or theft, the first parameter is remotely physically erased, so that the key to decrypt the synthetic key cannot be derived. The second is to store the ciphertext of the synthetic key, that is, the first ciphertext, in the RPMB partition, and immediately remotely and physically erase the ciphertext of the synthetic key when user data needs to be deleted in scenarios such as when the electronic device is lost or stolen.

The key-related information is the first parameter, namely, the synthetic key protection factor, or the first ciphertext, namely, the synthetic key ciphertext.

When using the first parameter to participate in the encryption process of the synthetic key, that is, on the basis of the existing synthetic key encryption method (that is, the step of encrypting the synthetic key when setting the lock screen password for the first time as introduced above), a new parameter is introduced to participate in the encryption calculation of the synthetic key. After encryption, the parameter can be stored in RPMB, and the synthetic key ciphertext is stored in UDA according to the existing storage method.

Optionally, the first parameter is an M-bit random number, where M is a positive integer.

That is, the first parameter can be a random number generated by TEE. In order to ensure higher security, the number of bits of the random number can be much larger than the 4 or 6-digit user credentials, i.e., PIN/Password/Pattern. For example, a 256-bit random number is much more secure than the 4 or 6-digit user credentials, i.e., PIN/Password/Pattern. In the case of electronic device loss or theft, it can completely resist brute force attacks.

When using the existing synthetic key encryption method, the synthetic key ciphertext obtained after encryption can be stored in the RPMB, that is, the storage method of the synthetic key ciphertext is changed, and it is no longer stored in the UDA partition but is changed to the RPMB partition that supports physical erasure.

Step 302: When receiving an instruction to delete user data, call the RPMB erase function to physically erase the key-related information stored in the RPMB, wherein the key-related information is used to determine the key for encrypting the user data.

When it is necessary to delete user data in an electronic device, for example, when the electronic device is lost or stolen, the key-related information in the RPMB can be immediately erased by sending relevant instructions such as sending a remote control instruction instructing the deletion of user data. That is, the user can use other electronic devices to send instructions for instructing the deletion of user data to the stolen or lost electronic device, so that the electronic device can call the RPMB erase function based on the instruction to immediately physically erase the key-related information stored in the RPMB.

When the key-related information is the first parameter, i.e., the synthetic key protection factor, in scenarios such as when the electronic device is lost or stolen, based on the user data deletion instruction, the first parameter in the RPMB partition can be physically erased immediately by calling the RPMB erase function to achieve the purpose of secure deletion of user data.

When the key-related information is the first ciphertext, i.e., the synthetic key ciphertext, in scenarios such as when the electronic device is lost or stolen, the first ciphertext in the RPMB partition can be physically erased immediately by calling the RPMB erase function based on the user data deletion instruction, so as to achieve the purpose of secure deletion of user data.

Optionally, the key-related information includes the first parameter;

Before step 301, the method further includes:

encrypting the synthetic key according to the first parameter;

The step 301 includes:

The first parameter is stored in the RPMB.

In one implementation, the key-related information includes the first parameter, namely, a synthetic key protection factor, that is, a scheme of generating a new parameter to participate in the encryption calculation of the synthetic key and storing the parameter in the RPMB can be adopted.

Further, storing the first parameter in the RPMB includes:

The first parameter is associated with the key identifier of the synthetic key and stored in the RPMB.

That is, the first parameter and the key identifier associated with the synthetic key can be stored in the RPMB in association, the key identifier can be a security identifier SID involved in the encryption of the synthetic key, and the key identifier is used to identify the first parameter, so that the corresponding first parameter can be retrieved according to the key identifier. In this way, when necessary, the specified first parameter can be erased according to the key identifier to achieve fine-grained physical erasure.

In this implementation, since the first parameter occupies less storage space than the synthetic key ciphertext, using this solution will not cause excessive occupation of RPMB storage space, and by erasing this parameter, it can effectively prevent the decryption key of the synthetic key from being derived, and then the CE key cannot be decrypted, and ultimately the user data cannot be accessed, which greatly reduces the possibility of user data leakage.

Optionally, the encrypting the synthetic key according to the first parameter includes any of the following:

Encrypting the synthetic key according to the first key to obtain a second ciphertext; encrypting the second ciphertext according to the third key to obtain a third ciphertext, wherein the third key is determined according to the root key, and the root key is determined according to the first parameter;

Encrypting the synthetic key according to the first key to obtain a second ciphertext; encrypting the second ciphertext according to a fourth key to obtain a fourth ciphertext, wherein the fourth key is determined according to the first parameter;

The synthetic key is encrypted according to the first key to obtain a second ciphertext; the second ciphertext is encrypted according to the first parameter and the second key to obtain a fifth ciphertext, wherein the first key and the second key are determined in different ways.

That is, the first parameter can be applied to three different methods to encrypt the synthetic key to protect the synthetic key. They are as follows:

Method 1: Add the first parameter, i.e., the synthetic key protection factor, to the calculation of the keymaster root key KM;

Method 2: Add the first parameter, i.e. the synthetic key protection factor, to the calculation of secretKey, i.e. key2;

Method 3: Add the first parameter, ie, the synthetic key protection factor, to the second encryption calculation of the synthetic key.

As shown in method 1 in FIG4 , the first parameter, i.e., the synthetic key protection factor, is added to the calculation of the root key KM, i.e., the Keymaster TA derives the root key KM through the key generation function KDF according to other parameters 1, HUK and the first parameter; the Keymaster TA then derives the secretKey, i.e., key2, through the key generation function KDF according to KM, the security identifier SID and other parameters 2; the Keymaster TA in the TEE uses the first key, i.e., key1, to encrypt the synthetic key for the first time, obtaining the ciphertext EN_key1, i.e., spblob_key1, and then uses key2 to encrypt the synthetic key for the second time, i.e., encrypting the first encrypted ciphertext EN_key1 of the synthetic key, obtaining the ciphertext EN_key2, i.e., spblob. It should be noted that the corresponding step of decrypting the synthetic key ciphertext, i.e., spblob, using the first parameter corresponds to it.

As shown in method 2 in FIG. 4 , the first parameter, i.e., the synthetic key protection factor, is added to the calculation of secretKey, i.e., key2, i.e., Keymaster TA derives KM through the key generation function KDF according to other parameters 1 and HUK; Keymaster TA then derives secretKey, i.e., key2, through the key generation function KDF according to KM, security identifier SID, other parameters 2 and the first parameter; in TEE, Keymaster TA uses the first key, i.e., key1, to encrypt the synthetic key for the first time, obtaining the ciphertext EN_key1, i.e., spblob_key1, and then uses key2 to encrypt the synthetic key for the second time, i.e., encrypting the first encrypted ciphertext EN_key1 of the synthetic key, obtaining the ciphertext EN_key2, i.e., spblob. It should be noted that the corresponding step of decrypting the synthetic key ciphertext, i.e., spblob, using the first parameter corresponds to it.

As shown in method 3 in FIG. 4 , the first parameter, i.e., the synthetic key protection factor, is added to the second encryption calculation of the synthetic key, i.e., Keymaster TA derives KM through the key generation function KDF according to other parameters 1 and HUK; Keymaster TA then derives secretKey, i.e., key2, through the key generation function KDF according to KM, security identifier SID and other parameters 2; in TEE, Keymaster TA uses the first key, i.e., key1, to encrypt the synthetic key for the first time, and obtains the ciphertext EN_key1, i.e., spblob_key1, and then uses key2 and the first parameter to encrypt the synthetic key for the second time, i.e., encrypt the first encrypted ciphertext EN_key1 of the synthetic key, and obtain the ciphertext EN_key2, i.e., spblob. It should be noted that the corresponding step of decrypting the synthetic key ciphertext, i.e., spblob, using the first parameter corresponds to it.

In this way, this implementation supports three different ways to apply the first parameter, namely the synthetic key protection factor, to the encryption calculation process of the synthetic key, all of which can achieve protection of the synthetic key.

Optionally, the key-related information includes a first ciphertext;

Before step 301, the method further includes:

Encrypting the synthetic key according to the first key to obtain a second ciphertext, and encrypting the second ciphertext according to the second key to obtain the first ciphertext, wherein the first key and the second key are determined in different ways;

The step 301 includes:

The first ciphertext is stored in the RPMB.

In another implementation, the key-related information includes a first ciphertext, i.e., a synthetic key ciphertext, i.e., an existing encryption method for the synthetic key can be used, i.e., the Keymaster TA in the TEE uses the first key, i.e., key1, to encrypt the synthetic key for the first time, and obtains a ciphertext EN_key1, i.e., spblob_key1, and then uses key2 to encrypt the synthetic key for the second time, i.e., encrypts the first encrypted ciphertext EN_key1 of the synthetic key, and obtains a ciphertext EN_key2, i.e., spblob. However, the storage method of the synthetic key ciphertext is changed, as shown in FIG4 , and the encrypted synthetic key ciphertext is stored in the RPMB.

Further, storing the first ciphertext in the RPMB includes:

The first ciphertext is associated with the key identifier of the synthetic key and stored in the RPMB.

That is, the synthetic key ciphertext and the key identifier associated with the synthetic key can be stored in the RPMB in association, and the key identifier can be a security identifier SID involved in encrypting the synthetic key, and the key identifier is used to identify the synthetic key. The key ciphertext is stored in the memory so that the corresponding synthetic key ciphertext can be retrieved according to the key identifier. In this way, the specified synthetic key ciphertext can be erased according to the key identifier when necessary, realizing fine-grained physical erasure.

In this way, there is no need to generate new parameters or change the synthetic key encryption method. You only need to store the synthetic key ciphertext in RPMB. By erasing the synthetic key ciphertext, others cannot obtain the synthetic key ciphertext, and thus cannot obtain the synthetic key by decrypting the synthetic key ciphertext, and then cannot decrypt to obtain the CE key, and ultimately cannot access user data, greatly reducing the possibility of user data leakage.

Optionally, step 301 includes:

The key-related information is sent to the UFS driver through the key management trusted application, the RPMB trusted application, the RPMB kernel driver, the REE file operation interface and the RPMB monitoring module in sequence;

The UFS driver calls the RPMB storage function provided by the UFS controller to write the key-related information into the RPMB.

In one implementation, in order to support the storage of the key-related information in the RPMB, it is necessary to improve the relevant modules, including adding communication functions and message processing functions between relevant modules.

Specifically, a corresponding key information management module needs to be added to the RPMB trusted application TA to support functions such as writing the key-related information in the RMPB; the message processing capability for the key-related information is added to functional modules such as the RPMB kernel driver (RPMB kernel driver), the REE file operation interface (REE file operation interface), and the RPMB listener module (RPMB listener) to support receiving, processing, and forwarding messages related to the writing of the key-related information; and related messages are added between modules such as the key management trusted application (Keymaster TA), RPMB TA, RPMB kernel driver, REE file operation interface, and RPMB listener to support functions such as writing the key-related information.

In addition, it is necessary to increase the communication function between the Keymaster TA and the RPMB TA to support the Keymaster TA to send the key-related information to the RPMB TA.

In this way, when the key-related information needs to be stored in the RPMB, the key-related information can be sent to the key information management module in the RPMB TA through the Keymaster TA, and then the key information management module in the RPMB TA sends the key-related information to the RPMB kernel driver, and the RPMB kernel driver sends the key-related information to the REE file operation interface, and the REE file operation interface continues to send the key-related information to the RPMB listener, and the RPMB listener further sends the key-related information to the UFS driver (UFSDriver), and finally the UFSDriver calls the RPMB storage function provided by the UFS controller (UFS Controller) to write the key-related information into the RPMB.

Optionally, calling a replay protection memory block RPMB erasing function to physically erase the key related information stored in the RPMB includes:

Sending RPMB erase message to the universal flash storage UFS driver through the key management trusted application, RPMB trusted application, RPMB kernel driver, REE file operation interface and RPMB monitoring module in sequence;

The UFS driver calls the RPMB erasing function provided by the UFS controller to physically erase the key-related information stored in the RPMB.

In one implementation, in order to support calling the RPMB erase function to physically erase the key-related information in the RPMB, it is necessary to improve the relevant modules, including adding communication functions and message processing functions between relevant modules.

Specifically, a corresponding key information management module needs to be added to the RPMB trusted application TA to support functions such as writing and physically erasing the key-related information in the RMPB; message processing capabilities for the key-related information are added to functional modules such as the RPMB kernel driver, REE file operation interface, and RPMB listener to support receiving, processing, and forwarding messages related to physical erasure of the key-related information; and related messages are added between the Keymaster TA, RPMB TA, RPMB kernel driver, REE file operation interface, RPMB listener, and other modules to support functions such as physical erasure of the key-related information.

In addition, it is necessary to increase the communication function between the Keymaster TA and the RPMB TA to support the Keymaster TA to send an erase message of the key-related information to the RPMB TA.

It should be noted that in the embodiment of the present application, the physical erase function of the flash memory RPMB partition is supported in hardware, and the RPMB Purge API is provided externally in the firmware.

In this way, when it is necessary to erase the key-related information in the RPMB, an RPMB erase message can be sent to the key information management module in the RPMB TA through the Keymaster TA, and then the key information management module in the RPMB TA sends the RPMB erase message to the RPMB kernel driver, and the RPMB kernel driver sends the RPMB erase message to the REE file operation interface, and the REE file operation interface continues to send the RPMB erase message to the RPMB listener, and the RPMB listener further sends the RPMB erase message to the UFS driver (UFSDriver), and finally the RPMB erase function provided by the UFS controller (UFSController) is called through the UFSDriver, that is, the RPMB Purge API is accessed to physically erase the key-related information in the RPMB.

Optionally, after step 301 and before receiving an instruction for instructing to delete user data, the method further includes:

Send a key read message to the UFS driver through the key management trusted application, RPMB trusted application, RPMB kernel driver, REE file operation interface and RPMB monitoring module in sequence;

Calling the RPMB reading function provided by the UFS controller through the UFS driver to read the key related information from the RPMB;

The key-related information is sent to the key management trusted application through the UFS driver, the RPMB monitoring module, the REE file operation interface, the RPMB kernel driver and the RPMB trusted application in sequence;

Determine the plaintext of the synthetic key according to the key-related information;

The user credential encryption key CE key is decrypted according to the plain text of the synthetic key.

In one implementation, in order to support reading the key-related information in the RPMB to decrypt the synthetic key ciphertext, it is necessary to improve the relevant modules, including adding communication functions and message processing functions between relevant modules.

Specifically, a corresponding key information acquisition module needs to be added to the key management trusted application (Keymaster TA) to support the acquisition of the key-related information from the RPMB through the RPMB trusted application TA; a corresponding key information management module needs to be added to the RPMB trusted application TA to support functions such as reading the key-related information in the RMPB.

The message processing capability for the key-related information is added to the functional modules such as the RPMB kernel driver, REE file operation interface, and RPMB listener module to support the receiving, processing, and forwarding of messages related to the reading of the key-related information; and related messages are added between the Keymaster TA, RPMB TA, RPMB kernel driver, REE file operation interface, RPMB listener and other modules to support functions such as the reading of the key-related information.

In addition, it is necessary to increase the communication function between the Keymaster TA and the RPMB TA to support the Keymaster TA in obtaining the key-related information from the RPMB TA.

It should be noted that in the embodiment of the present application, the physical erase function of the flash memory RPMB partition is supported in hardware, and the RPMB Purge API is provided externally in the firmware.

In this way, when it is necessary to decrypt the relevant encrypted files in the electronic device, the key-related information in the RPMB can be read. Specifically, the key information acquisition module in the Keymaster TA can send a key reading message to the key information management module in the RPMB TA, and then the key information management module in the RPMB TA sends the key reading message to the RPMB kernel driver, and the RPMB kernel driver sends the key reading message to the REE file operation interface, and the REE file operation interface continues to send the key reading message to the RPMB listener, and the RPMB listener further sends the key reading message to the UFS driver (UFSDriver), and finally the RPMB reading function provided by the UFS controller (UFS Controller) is called by the UFSDriver to read the key-related information from the RPMB.

The read key-related information is then passed by the UFS driver in sequence to the RPMB listener, the REE file operation interface, the RPMB kernel driver and the key information management module in the RPMB TA, and finally the key information management module in the RPMB TA sends the key-related information to the key information acquisition module in the Keymaster TA.

When the key-related information is the first parameter, i.e., the synthetic key protection factor, the keystore in the REE obtains the synthetic key ciphertext from the UDA, i.e., the second encrypted ciphertext of the synthetic key, and the Keymaster TA uses the first parameter, i.e., the synthetic key protection factor, to decrypt the second encrypted ciphertext of the synthetic key to obtain the first encrypted ciphertext of the synthetic key, and then uses the first key, i.e., key1, to decrypt the first encrypted ciphertext of the synthetic key to obtain the plaintext of the synthetic key, and finally uses the plaintext of the synthetic key to decrypt the user credential encryption key CE key, and subsequently the encrypted file can be decrypted using the CE key plaintext.

When the key-related information is the first ciphertext, i.e., the synthetic key ciphertext, which is also the second encrypted ciphertext of the synthetic key, the Keymaster TA derives the root key KM according to the HUK and other parameters 1, and then derives the second key, i.e., key2, according to KM, SID and other parameters 2, and then uses the second key, i.e., key2, to decrypt the first ciphertext, i.e., the second encrypted ciphertext of the synthetic key, to obtain the first encrypted ciphertext of the synthetic key. The first encrypted ciphertext of the synthetic key is then decrypted using the first key, i.e. key1, to obtain the plaintext of the synthetic key. Finally, the plaintext of the synthetic key is used to decrypt the user credential encryption key CE key, and subsequently the encrypted file can be decrypted using the CE key plaintext.

The following describes the functional frameworks that need to be improved in two different solutions:

When the key-related information includes the first parameter, i.e., the synthetic key protection factor, it is necessary to improve the functional framework for obtaining the CE key in FIG2 . The improved functional framework is shown in FIG5 .

Specifically, a synthetic key protection factor acquisition module is added to the Keymaster TA to support obtaining the synthetic key protection factor from the RPMB through the RPMB TA when necessary, and the key generation module is improved to support the participation of the synthetic key protection factor in the encryption calculation of the synthetic key.

Add a synthetic key protection factor management module in RPMB TA to support writing, reading, and physical erasing of synthetic key protection factors in RMPB;

Add the message processing capability of synthetic key protection factor in the RPMB kernel driver, REE file operation interface, RPMB listener and other functional modules to support the reception, processing and forwarding of messages related to the writing, reading and physical erasure of synthetic key protection factor; add relevant messages between functional modules to support the writing, reading and physical erasure of synthetic key protection factor;

Improvements to the communication between Keymaster TA and RPMB TA, adding messages to support Keymaster TA to obtain synthetic key protection factors from RPMB TA.

When the key-related information includes synthetic key ciphertext, it is necessary to improve the functional framework for obtaining the CE key in Figure 2. The improved functional framework is shown in Figure 6.

Specifically, a synthetic key ciphertext acquisition module is added to the Keymaster TA to support obtaining the synthetic key ciphertext from the RPMB through the RPMB TA when necessary.

Add a synthetic key ciphertext management module in RPMB TA to support writing, reading, and physical erasing of synthetic key ciphertext in RMPB;

Add the message processing capability of synthetic key ciphertext in the RPMB kernel driver, REE file operation interface, RPMB listener and other functional modules to support the reception, processing and forwarding of messages related to the writing, reading and physical erasure of synthetic key ciphertext; add related messages between functional modules to support the writing, reading and physical erasure of synthetic key ciphertext;

Improvements to the communication between Keymaster TA and RPMB TA, adding messages to support Keymaster TA to obtain synthetic key ciphertext from RPMB TA.

Through the embodiments of the present application, in scenarios where an electronic device is lost, stolen, abandoned or transferred, the user can proactively delete sensitive data on the electronic device quickly, efficiently and securely, so that even if an attacker obtains the user's electronic device, the deleted data cannot be recovered, thereby preventing the leakage of user sensitive information.

The information management method in the embodiment of the present application stores key-related information in a replay protection memory block RPMB, wherein the key-related information includes a first parameter or a first ciphertext, the first parameter is used to encrypt a synthetic key, and the first ciphertext is a ciphertext obtained by encrypting the synthetic key; when an instruction for instructing to delete user data is received, In this case, the RPMB erasure function is called to physically erase the key-related information stored in the RPMB, wherein the key-related information is used to determine the key for encrypting the user data. In this way, by changing the key-related information related to the user data to be stored in the RPMB, when the user data on the electronic device needs to be deleted, the RPMB erasure interface can be controlled to be called to quickly physically erase the key-related information stored in the RPMB, thereby achieving the purpose of quickly and safely deleting the user data.

The information management method provided in the embodiment of the present application can be executed by an information management device. In the embodiment of the present application, the information management device provided in the embodiment of the present application is described by taking the information management device executing the information management method as an example.

Please refer to FIG. 7 , which is a schematic diagram of the structure of an information management device provided in an embodiment of the present application. As shown in FIG. 7 , the information management device 700 includes:

A storage module 701 is used to store key-related information in a replay protection memory block RPMB, wherein the key-related information includes a first parameter or a first ciphertext, the first parameter is used to encrypt a synthetic key, and the first ciphertext is a ciphertext obtained by encrypting the synthetic key;

The erasure module 702 is used to call the RPMB erasure function upon receiving an instruction to delete user data, and physically erase the key-related information stored in the RPMB, wherein the key-related information is used to determine the key for encrypting the user data.

Optionally, the key-related information includes the first parameter;

The information management device 700 further includes:

A first encryption module, encrypting the synthetic key according to the first parameter;

The storage module 701 is used to store the first parameter in the RPMB.

Optionally, the first encryption module is used for any of the following:

Encrypting the synthetic key according to the first key to obtain a second ciphertext; encrypting the second ciphertext according to the third key to obtain a third ciphertext, wherein the third key is determined according to the root key, and the root key is determined according to the first parameter;

Encrypting the synthetic key according to the first key to obtain a second ciphertext; encrypting the second ciphertext according to a fourth key to obtain a fourth ciphertext, wherein the fourth key is determined according to the first parameter;

The synthetic key is encrypted according to the first key to obtain a second ciphertext; the second ciphertext is encrypted according to the first parameter and the second key to obtain a fifth ciphertext, wherein the first key and the second key are determined in different ways.

Optionally, the key-related information includes the first ciphertext;

The information management device 700 includes:

a second encryption module, configured to encrypt the synthetic key according to the first key to obtain a second ciphertext, and to encrypt the second ciphertext according to the second key to obtain the first ciphertext, wherein the first key and the second key are determined in different ways;

The storage module 701 is used to store the first ciphertext in the RPMB.

Optionally, the erasing module 702 includes:

A first sending unit is used to send an RPMB erase message to a universal flash storage UFS driver through a key management trusted application, an RPMB trusted application, an RPMB kernel driver, a REE file operation interface, and an RPMB monitoring module in sequence;

An erasing unit is used to call the RPMB erasing function provided by the UFS controller through the UFS driver to physically erase the key-related information stored in the RPMB.

Optionally, the storage module 701 includes:

A second sending unit is used to send the key-related information to the UFS driver through the key management trusted application, the RPMB trusted application, the RPMB kernel driver, the REE file operation interface and the RPMB monitoring module in sequence;

The writing unit is used to call the RPMB storage function provided by the UFS controller through the UFS driver to write the key related information into the RPMB.

Optionally, the information management device 700 further includes:

A sending module, used to send a key reading message to the UFS driver through the key management trusted application, the RPMB trusted application, the RPMB kernel driver, the REE file operation interface and the RPMB monitoring module in sequence;

A reading module, configured to call an RPMB reading function provided by a UFS controller through the UFS driver to read the key-related information from the RPMB;

A transmission module, configured to send the read key-related information to the key management trusted application through the UFS driver, the RPMB listening module, the REE file operation interface, the RPMB kernel driver and the RPMB trusted application in sequence;

A determination module, used to determine the plaintext of the synthetic key according to the key-related information;

A decryption module is used to decrypt the user credential encryption key CE key according to the plain text of the synthetic key.

The information management device in the embodiment of the present application stores key-related information in a replay protection memory block RPMB, wherein the key-related information includes a first parameter or a first ciphertext, wherein the first parameter is used to encrypt a synthetic key, and the first ciphertext is a ciphertext encrypted with the synthetic key; upon receiving an instruction for instructing to delete user data, the RPMB erase function is called to physically erase the key-related information stored in the RPMB, wherein the key-related information is used to determine the key for encrypting the user data. In this way, by changing the key-related information related to user data to be stored in the RPMB, when it is necessary to delete user data on an electronic device, it is possible to control the call of the RPMB erase interface to quickly physically erase the key-related information stored in the RPMB, thereby achieving the purpose of quickly and securely deleting user data.

The information management device in the embodiment of the present application can be an electronic device or a component in the electronic device, such as an integrated circuit or a chip. The electronic device can be a terminal or other devices other than a terminal. Exemplarily, the electronic device can be a mobile phone, a tablet computer, a laptop computer, a PDA, a vehicle-mounted electronic device, a mobile Internet device (Mobile Internet Device, MID), an augmented reality (Augmented Reality, AR)/virtual reality (Virtual Reality, VR) device, a robot, a wearable device, an ultra-mobile personal computer (Ultra-Mobile Personal Computer, UMPC), a netbook or a personal digital assistant (Personal Digital Assistant, PDA), etc. It can also be a server, a network attached storage (Network Attached Storage, NAS), a personal computer (Personal Computer, PC), television (Television, TV), ATM or self-service machine, etc., the embodiments of the present application are not specifically limited.

The information management device in the embodiment of the present application may be a device having an operating system. The operating system may be an Android operating system, an iOS operating system, or other possible operating systems, which are not specifically limited in the embodiment of the present application.

The information management device provided in the embodiment of the present application can implement each process implemented by the method embodiment of Figure 3. To avoid repetition, it will not be repeated here.

Optionally, as shown in Figure 8, an embodiment of the present application also provides an electronic device 800, including a processor 801 and a memory 802, and the memory 802 stores a program or instruction that can be executed on the processor 801. When the program or instruction is executed by the processor 801, the various steps of the above-mentioned information management method embodiment are implemented, and the same technical effect can be achieved. To avoid repetition, it will not be repeated here.

It should be noted that the electronic devices in the embodiments of the present application include the mobile electronic devices and non-mobile electronic devices mentioned above.

FIG. 9 is a schematic diagram of the hardware structure of an electronic device implementing an embodiment of the present application.

The electronic device 900 includes but is not limited to: a radio frequency unit 901, a network module 902, an audio output unit 903, an input unit 904, a sensor 905, a display unit 906, a user input unit 907, an interface unit 908, a memory 909, and a processor 910 and other components.

Those skilled in the art will appreciate that the electronic device 900 may also include a power source (such as a battery) for supplying power to each component, and the power source may be logically connected to the processor 910 through a power management system, so that the power management system can manage charging, discharging, and power consumption. The electronic device structure shown in FIG9 does not constitute a limitation on the electronic device, and the electronic device may include more or fewer components than shown, or combine certain components, or arrange components differently, which will not be described in detail here.

The processor 910 is configured to store key-related information in a replay protection memory block RPMB, wherein the key-related information includes a first parameter or a first ciphertext, the first parameter is used to encrypt a synthetic key, and the first ciphertext is a ciphertext encrypted from the synthetic key;

In case of receiving an instruction for deleting user data, the RPMB erase function is called to physically erase the key-related information stored in the RPMB, wherein the key-related information is used to determine the key for encrypting the user data.

Optionally, the key-related information includes the first parameter;

Processor 910 is also used to encrypt the synthetic key according to the first parameter; and store the first parameter in the RPMB.

Optionally, the processor 910 is further configured to:

Encrypting the synthetic key according to the first key to obtain a second ciphertext; encrypting the second ciphertext according to the third key to obtain a third ciphertext, wherein the third key is determined according to the root key, and the root key is determined according to the first parameter;

Encrypting the synthetic key according to the first key to obtain a second ciphertext; encrypting the second ciphertext according to a fourth key to obtain a fourth ciphertext, wherein the fourth key is determined according to the first parameter;

The synthetic key is encrypted according to the first key to obtain a second ciphertext; the second ciphertext is encrypted according to the first parameter and the second key to obtain a fifth ciphertext, wherein the first key and the second key are determined in different ways.

Optionally, the key-related information includes the first ciphertext;

Processor 910 is also used to encrypt the synthetic key according to the first key to obtain a second ciphertext, and to encrypt the second ciphertext according to the second key to obtain the first ciphertext, wherein the first key and the second key are determined using different methods; and the first ciphertext is stored in the RPMB.

Optionally, the processor 910 is further configured to send an RPMB erase message to a universal flash storage UFS driver through a key management trusted application, an RPMB trusted application, an RPMB kernel driver, a REE file operation interface, and RPMB monitoring in sequence;

The UFS driver calls the RPMB erasing function provided by the UFS controller to physically erase the key-related information stored in the RPMB.

Optionally, the processor 910 is further configured to send the key-related information to the UFS driver through the key management trusted application, the RPMB trusted application, the RPMB kernel driver, the REE file operation interface and the RPMB monitoring module in sequence;

The UFS driver calls the RPMB storage function provided by the UFS controller to write the key-related information into the RPMB.

Optionally, the processor 910 is further configured to send a key read message to the UFS driver through the key management trusted application, the RPMB trusted application, the RPMB kernel driver, the REE file operation interface and the RPMB monitoring module in sequence;

Calling the RPMB reading function provided by the UFS controller through the UFS driver to read the key related information from the RPMB;

The key-related information is sent to the key management trusted application through the UFS driver, the RPMB monitoring module, the REE file operation interface, the RPMB kernel driver and the RPMB trusted application in sequence;

Determine the plaintext of the synthetic key according to the key-related information;

The user credential encryption key CE key is decrypted according to the plain text of the synthetic key.

It should be understood that in the embodiment of the present application, the input unit 904 may include a graphics processing unit (GPU) 9041 and a microphone 9042, and the graphics processor 9041 processes the image data of a static picture or video obtained by an image capture device (such as a camera) in a video capture mode or an image capture mode. The display unit 906 may include a display panel 9061, and the display panel 9061 may be configured in the form of a liquid crystal display, an organic light emitting diode, etc. The user input unit 907 includes a touch panel 9071 and at least one of other input devices 9072. The touch panel 9071 is also called a touch screen. The touch panel 9071 may include two parts: a touch detection device and a touch controller. Other input devices 9072 may include, but are not limited to, a physical keyboard, function keys (such as a volume control button, a switch button, etc.), a trackball, a mouse, and a joystick, which will not be repeated here.

The memory 909 can be used to store software programs and various data. The memory 909 may mainly include a first storage area for storing programs or instructions and a second storage area for storing data, wherein the first storage area may store an operating system, an application program or instructions required for at least one function (such as a sound playback function, an image playback function, etc.), etc. In addition, the memory 909 may include a volatile memory or a non-volatile memory, or the memory 909 may include both volatile and non-volatile memories. Among them, the non-volatile memory may be a read-only memory (ROM), a programmable read-only memory (PROM), an erasable programmable read-only memory (EPROM), an electrically erasable programmable read-only memory (EEPROM), or a flash memory. The volatile memory may be a random access memory (RAM), a static random access memory (SRAM), a dynamic random access memory (DRAM), a synchronous dynamic random access memory (SDRAM), a double data rate synchronous dynamic random access memory (DDRSDRAM), an enhanced synchronous dynamic random access memory (ESDRAM), a synchronous link dynamic random access memory (SLDRAM) and a direct memory bus random access memory (DRRAM). The memory 909 in the embodiment of the present application includes but is not limited to these and any other suitable types of memory.

The processor 910 may include one or more processing units; optionally, the processor 910 integrates an application processor and a modem processor, wherein the application processor mainly processes operations related to an operating system, a user interface, and application programs, and the modem processor mainly processes wireless communication signals, such as a baseband processor. It is understandable that the modem processor may not be integrated into the processor 910.

An embodiment of the present application also provides a readable storage medium, on which a program or instruction is stored. When the program or instruction is executed by a processor, the various processes of the above-mentioned information management method embodiment are implemented and the same technical effect can be achieved. To avoid repetition, it will not be repeated here.

The processor is the processor in the electronic device described in the above embodiment. The readable storage medium includes a computer readable storage medium, such as a computer read-only memory ROM, a random access memory RAM, a magnetic disk or an optical disk.

An embodiment of the present application further provides a chip, which includes a processor and a communication interface, wherein the communication interface is coupled to the processor, and the processor is used to run programs or instructions to implement the various processes of the above-mentioned information management method embodiment, and can achieve the same technical effect. To avoid repetition, it will not be repeated here.

It should be understood that the chip mentioned in the embodiments of the present application can also be called a system-level chip, a system chip, a chip system or a system-on-chip chip, etc.

An embodiment of the present application provides a computer program product, which is stored in a storage medium. The program product is executed by at least one processor to implement the various processes of the above-mentioned information management method embodiment and can achieve the same technical effect. To avoid repetition, it will not be repeated here.

It should be noted that, in this article, the terms "include", "comprises" or any other variations thereof are intended to cover non-exclusive inclusion, so that a process, method, article or device including a series of elements includes not only those elements, but also other elements not explicitly listed, or also includes the elements required for such process, method, article or device. Inherent elements. In the absence of further restrictions, an element defined by the statement "comprising a ..." does not exclude the presence of other identical elements in the process, method, article or device comprising the element. In addition, it should be noted that the scope of the methods and devices in the embodiments of the present application is not limited to performing functions in the order shown or discussed, and may also include performing functions in a substantially simultaneous manner or in reverse order according to the functions involved. For example, the described method may be performed in an order different from that described, and various steps may be added, omitted, or combined. In addition, the features described with reference to certain examples may be combined in other examples.

Through the description of the above implementation methods, those skilled in the art can clearly understand that the above-mentioned embodiment methods can be implemented by means of software plus a necessary general hardware platform, and of course by hardware, but in many cases the former is a better implementation method. Based on such an understanding, the technical solution of the present application, or the part that contributes to the prior art, can be embodied in the form of a computer software product, which is stored in a storage medium (such as ROM/RAM, a disk, or an optical disk), and includes a number of instructions for a terminal (which can be a mobile phone, a computer, a server, or a network device, etc.) to execute the methods described in each embodiment of the present application.

The embodiments of the present application are described above in conjunction with the accompanying drawings, but the present application is not limited to the above-mentioned specific implementation methods. The above-mentioned specific implementation methods are merely illustrative and not restrictive. Under the guidance of the present application, ordinary technicians in this field can also make many forms without departing from the purpose of the present application and the scope of protection of the claims, all of which are within the protection of the present application.

Claims (17)

An information management method, comprising: The key-related information is stored in a replay protection memory block RPMB, wherein the key-related information includes a first parameter or a first ciphertext, the first parameter is used to encrypt the synthetic key, and the first ciphertext is the ciphertext obtained by encrypting the synthetic key; In case of receiving an instruction for deleting user data, the RPMB erase function is called to physically erase the key-related information stored in the RPMB, wherein the key-related information is used to determine the key for encrypting the user data. The method according to claim 1, wherein the key-related information includes the first parameter; Before storing the key related information in the RPMB, the method further includes: encrypting the synthetic key according to the first parameter; The storing of key-related information in the RPMB includes: Storing the first parameter in the RPMB; or, The key-related information includes the first ciphertext; Before storing the key related information in the RPMB, the method further includes: Encrypting the synthetic key according to the first key to obtain a second ciphertext, and encrypting the second ciphertext according to the second key to obtain the first ciphertext, wherein the first key and the second key are determined in different ways; The storing of key-related information in the RPMB includes: The first ciphertext is stored in the RPMB. The method according to claim 2, wherein encrypting the synthetic key according to the first parameter comprises any of the following: Encrypting the synthetic key according to the first key to obtain a second ciphertext; encrypting the second ciphertext according to the third key to obtain a third ciphertext, wherein the third key is determined according to the root key, and the root key is determined according to the first parameter; Encrypting the synthetic key according to the first key to obtain a second ciphertext; encrypting the second ciphertext according to a fourth key to obtain a fourth ciphertext, wherein the fourth key is determined according to the first parameter; The synthetic key is encrypted according to the first key to obtain a second ciphertext; the second ciphertext is encrypted according to the first parameter and the second key to obtain a fifth ciphertext, wherein the first key and the second key are determined in different ways. The method according to claim 1, wherein the calling of the RPMB erasure function to physically erase the key-related information stored in the RPMB comprises: Sending RPMB erase message to the universal flash storage UFS driver through the key management trusted application, RPMB trusted application, RPMB kernel driver, REE file operation interface and RPMB monitoring module in sequence; The UFS driver calls the RPMB erasing function provided by the UFS controller to physically erase the key-related information stored in the RPMB. The method according to claim 1, wherein storing the key-related information in the RPMB comprises: The key-related information is sent to the UFS driver through the key management trusted application, the RPMB trusted application, the RPMB kernel driver, the REE file operation interface and the RPMB monitoring module in sequence; The UFS driver calls the RPMB storage function provided by the UFS controller to write the key-related information into the RPMB. The method according to claim 1, wherein after storing the key-related information in the RPMB and before receiving an instruction to instruct deletion of user data, the method further comprises: Send a key read message to the UFS driver through the key management trusted application, RPMB trusted application, RPMB kernel driver, REE file operation interface and RPMB monitoring module in sequence; Calling the RPMB reading function provided by the UFS controller through the UFS driver to read the key related information from the RPMB; The key-related information read is sent to the key management trusted application through the UFS driver, the RPMB monitoring module, the REE file operation interface, the RPMB kernel driver and the RPMB trusted application in sequence; Determine the plaintext of the synthetic key according to the key-related information; The user credential encryption key CE key is decrypted according to the plain text of the synthetic key. An information management device, comprising: A storage module, configured to store key-related information in a replay protection memory block RPMB, wherein the key-related information includes a first parameter or a first ciphertext, the first parameter is used to encrypt a synthetic key, and the first ciphertext is a ciphertext encrypted from the synthetic key; An erasure module is used to call the RPMB erasure function upon receiving an instruction to delete user data, and physically erase the key-related information stored in the RPMB, wherein the key-related information is used to determine the key for encrypting the user data. The information management device according to claim 7, wherein the key-related information includes the first parameter; The information management device also includes: A first encryption module, encrypting the synthetic key according to the first parameter; The storage module is used to store the first parameter in the RPMB; or, The key-related information includes the first ciphertext; The information management device comprises: a second encryption module, configured to encrypt the synthetic key according to the first key to obtain a second ciphertext, and to encrypt the second ciphertext according to the second key to obtain the first ciphertext, wherein the first key and the second key are determined in different ways; The storage module is used to store the first ciphertext in the RPMB. The information management device according to claim 8, wherein the first encryption module is used for any of the following: Encrypting the synthetic key according to the first key to obtain a second ciphertext; encrypting the second ciphertext according to the third key to obtain a third ciphertext, wherein the third key is determined according to the root key, and the root key is determined according to the first parameter; Encrypting the synthetic key according to the first key to obtain a second ciphertext; encrypting the second ciphertext according to a fourth key to obtain a fourth ciphertext, wherein the fourth key is determined according to the first parameter; The synthetic key is encrypted according to the first key to obtain a second ciphertext; the second ciphertext is encrypted according to the first parameter and the second key to obtain a fifth ciphertext, wherein the first key and the second key are determined in different ways. The information management device according to claim 7, wherein the erasure module comprises: A first sending unit is used to send an RPMB erase message to the UFS driver through a key management trusted application, an RPMB trusted application, an RPMB kernel driver, a REE file operation interface, and an RPMB monitoring module in sequence; An erasing unit is used to call the RPMB erasing function provided by the UFS controller through the UFS driver to physically erase the key-related information stored in the RPMB. The information management device according to claim 7, wherein the storage module comprises: A second sending unit is used to send the key-related information to the UFS driver through the key management trusted application, the RPMB trusted application, the RPMB kernel driver, the REE file operation interface and the RPMB monitoring module in sequence; The writing unit is used to call the RPMB storage function provided by the UFS controller through the UFS driver to write the key related information into the RPMB. The information management device according to claim 7, wherein the information management device further comprises: A sending module, used to send a key reading message to the UFS driver through the key management trusted application, the RPMB trusted application, the RPMB kernel driver, the REE file operation interface and the RPMB monitoring module in sequence; A reading module, configured to call an RPMB reading function provided by a UFS controller through the UFS driver to read the key-related information from the RPMB; A transmission module, configured to send the read key-related information to the key management trusted application through the UFS driver, the RPMB listening module, the REE file operation interface, the RPMB kernel driver and the RPMB trusted application in sequence; A determination module, used to determine the plaintext of the synthetic key according to the key-related information; The decryption module is used to decrypt the CE key according to the plain text of the synthetic key. An electronic device comprises a processor and a memory, wherein the memory stores a program or instruction that can be run on the processor, and when the program or instruction is executed by the processor, the steps of the information management method as described in any one of claims 1 to 6 are implemented. A readable storage medium stores a program or instruction, and when the program or instruction is executed by a processor, the steps of the information management method according to any one of claims 1 to 6 are implemented. A chip, comprising a processor and a communication interface, wherein the communication interface is coupled to the processor, and the processor is used to run a program or instruction to implement the steps of the information management method according to any one of claims 1 to 6. A computer program product, wherein the computer program product is executed by at least one processor to implement the steps of the information management method according to any one of claims 1 to 6. An electronic device, wherein the electronic device is configured to execute the steps of the information management method according to any one of claims 1 to 6.