| Blockchain technology is a major innovation technology in the 21 st century,and digital currency was born based on the underlying blockchain technology.As the first digital currency that adopts blockchain technology and runs successfully,Bitcoin has reached a market value of hundreds of billions of dollars.The emergence of Ethereum led the blockchain technology into the 2.0 era,which has greatly expanded the application field and use scope of digital currency.The Libra white paper was officially released in 2019,and now China's Digital Currency Electronic Payment(DCEP)is also coming out.Since both are based on blockchain technology,this has greatly stimulated the development of the current digital currency wallet market.The digital currency wallet is the management platform and transaction medium of the digital currency,as well as the entrance to the blockchain world.However,many software wallets have security vulnerabilities.If users choose carelessly,they are likely to suffer huge property losses.Therefore,how to improve and enhance the existing wallet technology is of great significance to provide directions or services for future application development after the legal digital currency has landed.At present,it is widely recognized that the most secure key storage wallet is the network-isolated hardware wallet.However,the hardware wallet can only be used to manage keys and signatures,and cannot initiate transactions online.This means that users must use two devices for each transaction,which increases the user's carrying and usage burden virtually.So far,the industry has conducted a lot of research to enhance the security performance of the software wallets.However,keys are stored in the normal network environment,and there are still hidden security risks such as malware attacks.Aiming at the above wallet problems,this thesis designs a wallet system which not only has the security of hardware isolation,but also has the portability and ease of use.Firstly,the trusted digital currency management system designed in this thesis supports two mainstream digital currencies,Bitcoin and Ethereum,and is an Android wallet system based on the Trusted Execution Environment(TEE)secure chip.In order to solve the key storage problem,Trustzone's virtualization technology is used to isolate the system into the secure world and the non-secure world,and the trusted switching between the two worlds can be realized by setting the secure interrupt.The key is stored in the TEE,since the Rich Execution Environment(REE)is isolated from the TEE,therefore,no matter whether there is malware in the REE,the system can prevent sensitive data such as keys from being stolen by attackers.Secondly,the secure boot loads each image file in order to prevent the important image files in the system from being damaged or replaced.Component integrity checks are used to refuse to load malicious programs,ensuring that attackers cannot obtain or tamper with data in the TEE.To protect the input and output data from malicious program tampering,the system also implements the secure switching between two environments and the secure device driver.Finally,for ensuring the security of payment verification of lightweight wallet transactions,the secure storage function is used to encrypt the block header data and store the encrypted file in the REE,and the file encryption and decryption process is completed in TEE.Basing on the analysis of system functional requirements and architecture design,this thesis completes the detailed design of each functional module of the system,which mainly includes the design of blockchain module,wallet module,and TEE module,and then performs functional tests on the implementation results.The wallet system is verified to be resistant to malware,phishing,and clipboard attacks by testing and analyzing the security performance of the system.Therefore,this wallet system is more portable than hardware wallets and more secure than software wallets. |
PDF Full Text Request