Research And Design Of Communication Terminal Security Module

With the development of communication technology, the application of communication networks is becoming more and richer. The increased communication network application has brought a very serious problem, that is, the problem of network security.The goal of this paper is to develop a security module based on communication terminal application. This security module has the general advantages that any communication equipment authorized can encrypt the data using this security module. PKI(public key infrastructure) is a series of technical and specification and proposed based on public key cryptography. At present, although PKI does not have a unified standard, but based on the application of PKI is very widely. The paper is designed based on PKI technology architecture. Through the analysis of the structure of PKI system, combining the knowledge of cryptography and communicatin theory, the paper put forward a set of feasible security solution.The proposed scheme includes four parts that is access control, identity authentication, key management and data encryption and decryption operation. Access control scheme realizes user’s access control by combining with the IC card technology and entering the PIN password mode. Identity authentication realizes bidirectional authentication between users through X.509 certificate. Key management scheme is proposed based on elliptic curve self-certified public key cryptography. The design of key management schemes includes key generation, key distribution and key negotiation process. The data encryption and decryption scheme is designed based on the SM4 block cipher algorithm.This scheme is implemented in the embedded hardware platform. The platform is designed based on OMAPL137 dual core chip.The chip includes DSP and ARM. DSP end binding SSX0912 assist processor is responsible for processing the cipher algorithm. The ARM end is responsible for the control of communication mechanism and exchange data between ARM end and the external communication terminal via the USB interface. This scheme not only guarantee the cipher algorithm operation efficiency and but also ensure the real-time of the system and can provide security protection for high real-time data such as audio, video.