[go: up one dir, main page]

CN112286550B - A security signature algorithm for embedded device system upgrade - Google Patents

A security signature algorithm for embedded device system upgrade Download PDF

Info

Publication number
CN112286550B
CN112286550B CN202011138496.0A CN202011138496A CN112286550B CN 112286550 B CN112286550 B CN 112286550B CN 202011138496 A CN202011138496 A CN 202011138496A CN 112286550 B CN112286550 B CN 112286550B
Authority
CN
China
Prior art keywords
signature
data
block
signature algorithm
algorithm
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202011138496.0A
Other languages
Chinese (zh)
Other versions
CN112286550A (en
Inventor
仵晨阳
孙荣卫
张波
武鹏程
高佳玲
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shanghai Abup Intelligent Technology Co ltd
Original Assignee
Shanghai Abup Intelligent Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shanghai Abup Intelligent Technology Co ltd filed Critical Shanghai Abup Intelligent Technology Co ltd
Priority to CN202011138496.0A priority Critical patent/CN112286550B/en
Publication of CN112286550A publication Critical patent/CN112286550A/en
Application granted granted Critical
Publication of CN112286550B publication Critical patent/CN112286550B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/65Updates
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Communication Control (AREA)
  • Techniques For Improving Reliability Of Storages (AREA)

Abstract

本发明公开了一种嵌入式设备系统升级的安全性签名算法,属于嵌入式操作系统升级和数据安全加密技术领域,该方法包括如下步骤:步骤一,读取待差分的二进制数据包;步骤二,对数据包进行分块;步骤三,使用预定好的签名算法对数据块分别进行签名,并记录签名算法标记值;步骤四,检验对应块的签名数据,判断是否签名数据存在冲突,若未发生签名冲突,则进行步骤七;步骤五,若签名数据发生冲突,则调整分块的大小,重复步骤二至步骤四,直至数据块签名唯一,进行步骤七。本发明的方法理论上和实践上都完全避免了数据块签冲突导致升级失败的隐患,提高了系统升级的安全。

The present invention discloses a security signature algorithm for upgrading an embedded device system, belonging to the field of embedded operating system upgrading and data security encryption technology, the method comprising the following steps: step one, reading a binary data packet to be differentiated; step two, dividing the data packet into blocks; step three, using a predetermined signature algorithm to sign the data blocks respectively, and recording the signature algorithm tag value; step four, checking the signature data of the corresponding block, judging whether there is a conflict in the signature data, if no signature conflict occurs, proceeding to step seven; step five, if there is a conflict in the signature data, adjusting the size of the blocks, repeating steps two to four, until the data block signature is unique, and proceeding to step seven. The method of the present invention completely avoids the hidden danger of upgrade failure caused by data block signature conflict in theory and practice, and improves the security of system upgrade.

Description

一种嵌入式设备系统升级的安全性签名算法A security signature algorithm for embedded device system upgrade

技术领域Technical Field

本发明涉及嵌入式操作系统升级和数据安全加密技术领域,具体为一种嵌入式设备系统升级的安全性签名算法。The invention relates to the technical field of embedded operating system upgrade and data security encryption, and in particular to a security signature algorithm for embedded device system upgrade.

背景技术Background Art

嵌入式操作系统被广泛的用于各个领域,同时为了适应业务更新,终端系统的更新换代也是常规性的迭代。为提高系统升级的可靠性、安全性,在升级掉电的情况下,消除升级失败的隐患,本发明基于本公司自行研发的发明专利《针对IOT设备二进制系统文件的差分升级算法》、《基于块回写的自适应双向差分算法》和《整数数组的混合打包压缩技术》的基础上,开发了一款针对嵌入式设备系统升级的安全性签名算法。Embedded operating systems are widely used in various fields. At the same time, in order to adapt to business updates, the terminal system is also a regular iteration. In order to improve the reliability and security of system upgrades and eliminate the hidden dangers of upgrade failure in the case of power failure during upgrades, this invention is based on the company's self-developed invention patents "Differential Upgrade Algorithm for Binary System Files of IOT Devices", "Adaptive Bidirectional Differential Algorithm Based on Block Writeback" and "Hybrid Packaging Compression Technology for Integer Arrays", and has developed a security signature algorithm for embedded device system upgrades.

发明内容Summary of the invention

本发明的目的在于提供一种嵌入式设备系统升级的安全性签名算法,以解决上述背景技术中提出的问题。The purpose of the present invention is to provide a security signature algorithm for upgrading an embedded device system to solve the problems raised in the above background technology.

为实现上述目的,本发明提供如下技术方案:一种嵌入式设备系统升级的安全性签名算法,包括如下步骤:To achieve the above object, the present invention provides the following technical solution: a security signature algorithm for embedded device system upgrade, comprising the following steps:

步骤一,读取待差分的二进制数据包;Step 1, reading the binary data packet to be differentiated;

步骤二,对数据包进行分块;Step 2: Divide the data packet into blocks;

步骤三,使用预定好的签名算法对数据块分别进行签名,并记录签名算法标记值;Step 3: Use the predetermined signature algorithm to sign the data blocks respectively, and record the signature algorithm tag value;

步骤四,检验对应块的签名数据,判断是否签名数据存在冲突,若未发生签名冲突,则进行步骤七;Step 4: Check the signature data of the corresponding block to determine whether there is a conflict in the signature data. If no signature conflict occurs, proceed to step 7;

步骤五,若签名数据发生冲突,则调整分块的大小,重复步骤二至步骤四,直至数据块签名唯一,进行步骤七;Step 5: If the signature data conflicts, adjust the size of the block and repeat steps 2 to 4 until the data block signature is unique, and then proceed to step 7;

步骤六,若使用该签名算法,每一次调整的块大小都发生了签名冲突,则需要更换签名算法并重复步骤二至步骤五,直至数据块签名唯一;Step 6: If a signature conflict occurs every time the block size is adjusted using the signature algorithm, the signature algorithm needs to be changed and steps 2 to 5 need to be repeated until the data block signature is unique;

步骤七,记录分块的大小,签名数据,以及所用签名算法的标记值;Step 7: Record the size of the block, the signature data, and the tag value of the signature algorithm used;

步骤八,对分块成功的数据进行差分,打包;Step 8: Differentiate and package the successfully divided data;

步骤九,对打包后的数据进行压缩,写入差分包。Step nine, compress the packaged data and write it into a differential package.

优选的,所述步骤六中更换的签名算法为Murmur3、CRC32、xxHash或者lookup3,更换所述签名算法的顺序为Murmur3、CRC32、xxHash和lookup3。Preferably, the signature algorithm replaced in step six is Murmur3, CRC32, xxHash or lookup3, and the order of replacing the signature algorithm is Murmur3, CRC32, xxHash and lookup3.

优选的,所述步骤八中的差分得到的数据用比整数存储长度小的基础存储比特数对整数数组进行打包。Preferably, the data obtained by the difference in step eight is used to pack the integer array using a basic storage bit number that is smaller than the integer storage length.

优选的,所述步骤八中的差分分为正向和反向,所述正向和反向同时进行。Preferably, the differential in step eight is divided into forward and reverse directions, and the forward and reverse directions are performed simultaneously.

优选的,所述二进制数据包包括旧版本和新版本。Preferably, the binary data package includes an old version and a new version.

与现有技术相比,本发明的有益效果是:Compared with the prior art, the present invention has the following beneficial effects:

本发明,在差分前对数据分块并进行签名检验,保证了签名唯一性,以及掉电升级的可靠性;该发明方法理论上和实践上都完全避免了数据块签冲突导致升级失败的隐患,提高了系统升级的安全。The present invention divides data into blocks and performs signature verification before differentiation, thereby ensuring signature uniqueness and reliability of power-off upgrades; the inventive method completely avoids the hidden danger of upgrade failure caused by data block signature conflicts in theory and practice, and improves the security of system upgrades.

附图说明BRIEF DESCRIPTION OF THE DRAWINGS

图1为本发明的生成唯一签名数据的算法流程图;FIG1 is a flow chart of an algorithm for generating unique signature data according to the present invention;

图2为本发明的签名唯一性说明附图,其中(a)为升级时发生掉电的情况示意图,(b)为数据块签名都发生冲突的状况示意图,(c)为数据块签名不发生冲突的状况示意图;FIG2 is a diagram illustrating the uniqueness of signatures of the present invention, wherein (a) is a schematic diagram showing a power failure during an upgrade, (b) is a schematic diagram showing a situation where all data block signatures conflict, and (c) is a schematic diagram showing a situation where no data block signatures conflict;

图3为本发明的签名算法标记值说明附图。FIG. 3 is a diagram illustrating the signature algorithm tag value of the present invention.

具体实施方式DETAILED DESCRIPTION

下面将结合本发明实施例中的附图,对本发明实施例中的技术方案进行清楚、完整地描述,显然,所描述的实施例仅仅是本发明一部分实施例,而不是全部的实施例。基于本发明中的实施例,本领域普通技术人员在没有做出创造性劳动前提下所获得的所有其他实施例,都属于本发明保护的范围。The following will be combined with the drawings in the embodiments of the present invention to clearly and completely describe the technical solutions in the embodiments of the present invention. Obviously, the described embodiments are only part of the embodiments of the present invention, not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by ordinary technicians in this field without creative work are within the scope of protection of the present invention.

请参阅图1,本发明提供一种技术方案:一种嵌入式设备系统升级的安全性签名算法,包括如下步骤:Please refer to FIG1 . The present invention provides a technical solution: a security signature algorithm for upgrading an embedded device system, comprising the following steps:

步骤101,读取待差分的二进制数据包。Step 101, read the binary data packet to be differentiated.

步骤102,分别对新旧版本的数据包进行分块。Step 102, dividing the data packets of the new and old versions into blocks respectively.

步骤103,使用预定好的签名算法对数据块分别进行签名,以便以在升级时发生掉电,准确定位掉电的位置以继续升级;避免了在掉电情况下升级的失败。Step 103, using a predetermined signature algorithm to sign the data blocks respectively, so that if a power failure occurs during the upgrade, the power failure position can be accurately located to continue the upgrade; thus avoiding the failure of the upgrade in the case of a power failure.

步骤104,验证签名数据,判断新旧版本对应块的签名是否相同,若对应块的签名数据都不同,则进行步骤107。Step 104 , verify the signature data, and determine whether the signatures of the corresponding blocks of the new and old versions are the same. If the signature data of the corresponding blocks are different, proceed to step 107 .

步骤105,若签名相同,则进一步判断对应数据内容是否相同,若数据内容相同,没有数据签名冲突,则进行步骤107。Step 105, if the signatures are the same, further determine whether the corresponding data content is the same. If the data content is the same and there is no data signature conflict, proceed to step 107.

步骤106,若数据内容不同,说明该块发生了数据签名冲突,则调整数据分块的大小,重复步骤102至步骤105,使之保证签名数据的唯一性,避免数据签名冲突。Step 106: If the data contents are different, it means that a data signature conflict has occurred in the block, so the size of the data block is adjusted, and steps 102 to 105 are repeated to ensure the uniqueness of the signature data and avoid data signature conflicts.

步骤107,记录分块大小,新旧版本的签名数据,以及所用算法的标记值,并写入差分包。Step 107, record the block size, the signature data of the new and old versions, and the tag value of the algorithm used, and write them into the differential package.

步骤108,对唯一签名的数据进行差分,对差分结果进行打包。Step 108, differential the uniquely signed data and package the differential result.

步骤109,对打包的数据进行压缩,并写入差分包。Step 109, compress the packaged data and write it into a differential packet.

实施方式中差分数据,均使用比整数存储长度小的基础存储比特数对整数数组进行打包,提高整数存储空间的有效利用;对打包后的数据再进行压缩。In the implementation method, differential data uses a basic storage bit number smaller than the integer storage length to pack the integer array, thereby improving the effective use of integer storage space; and the packed data is then compressed.

由于在嵌入式设备的系统掉电升级时,首先会校验第一块的数据签名,并与差分包所存储的新旧版本签名数据进行对比,若与旧版本签名数据相同,则从该块开始进行升级;若与旧版本签名数据不同,则对比对应新版本数据块签名,若与新版本数据块签名相同,则说明该块已经被升级过,依次对比下一块数据签名;若与新旧版本数据块签名都不同,则说明该块升级了一部分,说明在该块发生了掉电,则应该将backup(拷贝的该块旧版本数据)覆盖至该块,再从该块开始进行升级。When the embedded device system is powered off and upgraded, the data signature of the first block will be verified first, and compared with the new and old version signature data stored in the differential package. If the signature data is the same as the old version, the upgrade will start from this block; if it is different from the old version signature data, the signature of the corresponding new version data block will be compared. If it is the same as the new version data block signature, it means that the block has been upgraded, and the next data block signature will be compared in turn; if it is different from both the old and new version data block signatures, it means that part of the block has been upgraded, indicating that power has been lost in this block, and the backup (the copy of the old version data of this block) should be overwritten to this block, and then the upgrade will start from this block.

若使得以上过程正常进行,就须保证新旧版本对应块的签名唯一;若对应块的签名发生冲突,则掉电升级就可能失败。例如在图2所示,2(a)是升级时发生掉电的情况,需要校验新旧版本(A1、A2、B1、B2、C1、C2)数据块的签名,确定在哪一块发生的掉电。If the above process is to proceed normally, the signatures of the corresponding blocks of the new and old versions must be unique; if the signatures of the corresponding blocks conflict, the power failure upgrade may fail. For example, as shown in Figure 2, 2(a) is the case of a power failure during the upgrade. It is necessary to verify the signatures of the data blocks of the new and old versions (A1, A2, B1, B2, C1, C2) to determine which block the power failure occurred.

当数据块签名A1、A2、B1、B2都发生冲突2(b),不仅对应块发生冲突,相邻块也发生冲突,则依次比较A1、B1、C1块的签名,发现A1与A2块的签名相同,B1与B2块的签名相同,C1块通过签名判断出是旧版本,而backup的签名与A1、A2、B1、B2都相同。这就无法通过签名确定A1或者B1是否已经升级过了,也无法判断是在升级A1块还是升级B1块发生的掉电。When data block signatures A1, A2, B1, and B2 all conflict 2(b), not only the corresponding blocks conflict, but also the adjacent blocks conflict. Then the signatures of blocks A1, B1, and C1 are compared in turn, and it is found that the signatures of blocks A1 and A2 are the same, the signatures of blocks B1 and B2 are the same, and the signature of block C1 is judged to be an old version, while the signature of backup is the same as that of A1, A2, B1, and B2. In this case, it is impossible to determine whether A1 or B1 has been upgraded through signatures, and it is also impossible to determine whether the power failure occurred during the upgrade of block A1 or block B1.

当数据块A1、A2签名唯一,数据块B1、B2签名唯一,无论相邻快A1、B1有没有发生冲突2(c),都可确定掉电的位置;假设在B1块发生掉电,则A1块已经升级至A2,A1块的签名等于A2块的签名,backup的签名数据此时不等于A1块,B1块的签名不等于B2块的签名,唯一确定了在B1发生了掉电,将backup覆盖至B1块;假设在A1块发生掉电,则A1块的签名不等于A2块的签名,唯一确定了在B1发生了掉电,将backup覆盖至A1块。所以,只需要保证新旧版本对应数据块签名的唯一性,就可以避免掉电升级的失败。When the signatures of data blocks A1 and A2 are unique, and the signatures of data blocks B1 and B2 are unique, the location of the power failure can be determined regardless of whether there is a conflict 2(c) between adjacent blocks A1 and B1; assuming that a power failure occurs in block B1, block A1 has been upgraded to A2, and the signature of block A1 is equal to the signature of block A2. The signature data of the backup is not equal to that of block A1 at this time, and the signature of block B1 is not equal to the signature of block B2. It is uniquely determined that a power failure occurred in block B1, and the backup is overwritten to block B1; assuming that a power failure occurs in block A1, the signature of block A1 is not equal to the signature of block A2, and it is uniquely determined that a power failure occurred in block B1, and the backup is overwritten to block A1. Therefore, the failure of the power failure upgrade can be avoided by only ensuring the uniqueness of the signatures of the data blocks corresponding to the new and old versions.

在本算法中使用了murmur3哈希算法作为首选签名算法(经调研发现该签名算法质量最好),若在极端情况下,通过自适应分块进行的签名,每一种分块大小都有签名冲突的情况,就需要更换一种备选的签名算法进行签名校验,找出一个分块大小使得签名唯一。我们共调研了4种签名算法如图3所示,分别对应一个2个比特位的标记值。将对应标记值写入差分包的头部,升级时依序确定签名算法,完全避免掉电升级的失败。In this algorithm, the murmur3 hash algorithm is used as the preferred signature algorithm (the investigation found that this signature algorithm has the best quality). If in extreme cases, the signature is performed through adaptive block, and there is a signature conflict in each block size, it is necessary to replace an alternative signature algorithm for signature verification to find a block size that makes the signature unique. We investigated a total of 4 signature algorithms as shown in Figure 3, each corresponding to a 2-bit tag value. The corresponding tag value is written into the header of the differential packet, and the signature algorithm is determined in sequence during the upgrade to completely avoid the failure of the power-off upgrade.

根据本发明的一个方面,提供一种解决嵌入式设备系统升级时签名冲突的算法,所述技术方案如下:According to one aspect of the present invention, an algorithm for resolving signature conflicts during embedded device system upgrades is provided, and the technical solution is as follows:

读取待差分二进制数据包的旧版本和新版本,对于嵌入式设备系统升级时,首先需要对数据包进行分块,再进行差分,差分过程分为正向、反向分别进行;Read the old and new versions of the binary data packet to be differentiated. When upgrading the embedded device system, the data packet needs to be divided into blocks first, and then differentiated. The differentiation process is divided into forward and reverse directions respectively;

使用预定好的签名算法对数据块分别进行签名,使得在掉电升级时判断已经升级完成的进程,以防止设备因断电而升级失败。这就需要保证签名数据的唯一性,使得最终的升级成功。The data blocks are signed using a predetermined signature algorithm, so that the upgrade process can be judged to be completed during the power-off upgrade to prevent the device from failing to upgrade due to power outage. This requires ensuring the uniqueness of the signature data to ensure the final upgrade success.

验证新旧版本对应块的签名数据,判断是否签名数据唯一,若签名唯一,则记录分块的大小;若对应块的签名一样,而数据内容不一样,则签名数据发生冲突,需要自适应调整分块的大小,并再次验证签名数据,直至数据块签名唯一。记录新旧版本中每个块的签名数据以及所用的签名算法,并写入差分包。Verify the signature data of the corresponding blocks of the new and old versions to determine whether the signature data is unique. If the signature is unique, record the size of the block. If the signature of the corresponding block is the same but the data content is different, the signature data conflicts and the size of the block needs to be adaptively adjusted. Verify the signature data again until the data block signature is unique. Record the signature data of each block in the new and old versions and the signature algorithm used, and write them into the differential package.

对分块成功的数据进行差分,对于得到的差分数据,用比整数存储长度小的基础存储比特数对整数数组进行打包,减少高位存储为0的较小数的存储容量,提高整数存储空间的有效利用。The successfully divided data is differentiated, and for the obtained differential data, the integer array is packed using a basic storage bit number smaller than the integer storage length, thereby reducing the storage capacity of small numbers with high-order storage as 0 and improving the effective use of integer storage space.

尽管已经示出和描述了本发明的实施例,对于本领域的普通技术人员而言,可以理解在不脱离本发明的原理和精神的情况下可以对这些实施例进行多种变化、修改、替换和变型,本发明的范围由所附权利要求及其等同物限定。Although embodiments of the present invention have been shown and described, it will be appreciated by those skilled in the art that various changes, modifications, substitutions and variations may be made to the embodiments without departing from the principles and spirit of the present invention, and that the scope of the present invention is defined by the appended claims and their equivalents.

Claims (4)

1.一种嵌入式设备系统升级的安全性签名算法,其特征在于包括如下步骤:步骤一,读取待差分的二进制数据包;1. A security signature algorithm for an embedded device system upgrade, characterized by comprising the following steps: Step 1, reading a binary data packet to be differentiated; 步骤二,对数据包进行分块;Step 2: Divide the data packet into blocks; 步骤三,使用预定好的签名算法对数据块分别进行签名,并记录签名算法标记值;Step 3: Use the predetermined signature algorithm to sign the data blocks respectively, and record the signature algorithm tag value; 步骤四,检验对应块的签名数据,判断是否签名数据存在冲突,若未发生签名冲突,则进行步骤七;Step 4: Check the signature data of the corresponding block to determine whether there is a conflict in the signature data. If no signature conflict occurs, proceed to step 7; 步骤五,若签名数据发生冲突,则调整分块的大小,重复步骤二至步骤四,直至数据块签名唯一,进行步骤七;Step 5: If the signature data conflicts, adjust the size of the block and repeat steps 2 to 4 until the data block signature is unique, and then proceed to step 7; 步骤六,若使用该签名算法,每一次调整的块大小都发生了签名冲突,则需要更换签名算法并重复步骤二至步骤五,直至数据块签名唯一;Step 6: If a signature conflict occurs every time the block size is adjusted using the signature algorithm, the signature algorithm needs to be changed and steps 2 to 5 need to be repeated until the data block signature is unique; 步骤七,记录分块的大小,签名数据,以及所用签名算法的标记值;Step 7: Record the size of the block, the signature data, and the tag value of the signature algorithm used; 步骤八,对分块成功的数据进行差分,打包;Step 8: Differentiate and package the successfully divided data; 步骤九,对打包后的数据进行压缩,写入差分包;Step nine, compress the packaged data and write it into a differential package; 所述步骤六中更换的签名算法为Murmur3、CRC32、xxHash或者lookup3,更换所述签名算法的顺序为Murmur3、CRC32、xxHash和lookup3。The signature algorithm replaced in step 6 is Murmur3, CRC32, xxHash or lookup3, and the order of replacing the signature algorithm is Murmur3, CRC32, xxHash and lookup3. 2.根据权利要求1所述的一种嵌入式设备系统升级的安全性签名算法,其特征在于:所述步骤八中的差分得到的数据用比整数存储长度小的基础存储比特数对整数数组进行打包。2. According to the security signature algorithm for embedded device system upgrade described in claim 1, it is characterized in that: the data obtained by the difference in step eight uses a basic storage bit number smaller than the integer storage length to pack the integer array. 3.根据权利要求1所述的一种嵌入式设备系统升级的安全性签名算法,其特征在于:所述步骤八中的差分分为正向和反向,所述正向和反向同时进行。3. According to the security signature algorithm for embedded device system upgrade described in claim 1, it is characterized in that: the difference in step eight is divided into forward and reverse, and the forward and reverse are performed simultaneously. 4.根据权利要求1所述的一种嵌入式设备系统升级的安全性签名算法,其特征在于:所述二进制数据包包括旧版本和新版本。4. The security signature algorithm for upgrading an embedded device system according to claim 1, wherein the binary data packet includes an old version and a new version.
CN202011138496.0A 2020-10-22 2020-10-22 A security signature algorithm for embedded device system upgrade Active CN112286550B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202011138496.0A CN112286550B (en) 2020-10-22 2020-10-22 A security signature algorithm for embedded device system upgrade

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202011138496.0A CN112286550B (en) 2020-10-22 2020-10-22 A security signature algorithm for embedded device system upgrade

Publications (2)

Publication Number Publication Date
CN112286550A CN112286550A (en) 2021-01-29
CN112286550B true CN112286550B (en) 2024-08-16

Family

ID=74423557

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202011138496.0A Active CN112286550B (en) 2020-10-22 2020-10-22 A security signature algorithm for embedded device system upgrade

Country Status (1)

Country Link
CN (1) CN112286550B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN114253590A (en) * 2021-11-24 2022-03-29 青岛海尔科技有限公司 Encrypted differential upgrade method, device, device and medium for embedded software
CN116302030A (en) * 2023-03-09 2023-06-23 上海对外经贸大学 Safe embedded system firmware block differential upgrading method and system

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109542497A (en) * 2018-11-26 2019-03-29 上海艾拉比智能科技有限公司 A kind of difference algorithm of small memory device system upgrade
CN111796856A (en) * 2020-08-26 2020-10-20 北京紫光展锐通信技术有限公司 Differential upgrading method and device, storage medium and computer equipment

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7555531B2 (en) * 2004-04-15 2009-06-30 Microsoft Corporation Efficient algorithm and protocol for remote differential compression

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109542497A (en) * 2018-11-26 2019-03-29 上海艾拉比智能科技有限公司 A kind of difference algorithm of small memory device system upgrade
CN111796856A (en) * 2020-08-26 2020-10-20 北京紫光展锐通信技术有限公司 Differential upgrading method and device, storage medium and computer equipment

Also Published As

Publication number Publication date
CN112286550A (en) 2021-01-29

Similar Documents

Publication Publication Date Title
US7162678B2 (en) Extended error correction codes
TWI514139B (en) Physical page, logical page, and codeword correspondence
CA2923444C (en) High performance system providing selective merging of dataframe segments in hardware
US10310938B2 (en) Data deduplication with reduced hash computations
US20120005557A1 (en) Virtual copy and virtual write of data in a storage device
CN102981927B (en) Distributed raid-array storage means and distributed cluster storage system
US7076723B2 (en) Error correction codes
JP5780174B2 (en) System and method for handling bad bit errors
US20070094570A1 (en) Error detection in storage data
CN105183382B (en) A kind of data block guard method and device
US20090319843A1 (en) Method and apparatus for error correction
KR20090028507A (en) Nonvolatile Memory Error Correction System and Method
CN112286550B (en) A security signature algorithm for embedded device system upgrade
US20180157428A1 (en) Data protection of flash storage devices during power loss
US20170115900A1 (en) Dummy page insertion for flexible page retirement in flash memory storing multiple bits per memory cell
US7664987B2 (en) Flash memory device with fast reading rate
US20160132387A1 (en) Data access method, memory control circuit unit and memory storage apparatus
CN118535374A (en) RAID stripe data error correction method, device, equipment and readable storage medium
TWI273604B (en) Memory card and semiconductor device
CN120144061A (en) A data verification method, device, equipment and medium for redundant disk array
CN118819428B (en) Disk parameter management method, device, electronic device and storage medium
US7577804B2 (en) Detecting data integrity
CN110222035A (en) A kind of efficient fault-tolerance approach of database page based on exclusive or check and journal recovery
CN108762975A (en) A kind of ECC data storage method, system and storage medium
US20080155193A1 (en) Staging method for disk array apparatus

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant