T∕ZSA 67.1-2019 移動(dòng)智能終端密碼模塊技術(shù)框架 第1部分：總則

1、ICS 35.240L70/84團(tuán)體T/ZSA 67.1-2019移動(dòng)智能終端密碼模塊技術(shù)框架 第1部分：總則Technical framework of cryptographic module in mobile smart terminal Part 1: General 2019-12-31發(fā)布2020-03-01 實(shí)施中關(guān)村化協(xié)會(huì)發(fā)布T/ZSA 67.1-2019目次前言 .II引言 . III1范圍 . 1規(guī)范性引用文件 . 1術(shù)語(yǔ)和定義 . 1符號(hào)和縮略語(yǔ) . 3移動(dòng)智能終端（ MST）. 3移動(dòng)智能終端密碼組件（ MST-CC） . 3服務(wù)端密碼組件（ SS-CC） . 4移動(dòng)

2、智能終端密碼模塊（ CMMST） . 4移動(dòng)智能終端密碼技術(shù)應(yīng)用場(chǎng)景 . 4CMMST安全威脅 . 5CMMST設(shè)計(jì)和實(shí)現(xiàn)的安全目標(biāo) . 5CMMST安全模型 . 5CMMST安全保障 . 72345678910111213IT/ZSA 67.1-2019前言T/ZSA 67-2019移動(dòng)智能終端密碼模塊技術(shù)框架分為 5個(gè)部分：第1部分：總則第2部分：密鑰加密本地保護(hù)技術(shù)架構(gòu)第3部分：密鑰加密服務(wù)端保護(hù)技術(shù)架構(gòu)第4部分：密鑰多端協(xié)同計(jì)算保護(hù)技術(shù)架構(gòu)第5部分：基于安全芯片的技術(shù)架構(gòu)本部分為 T/ZSA 67-2019移動(dòng)智能終端密碼模塊技術(shù)框架的第 1部分，是其他 4部分的背景、原理概述。其他

3、4個(gè)部分為 4種滿足GM/T 0028-2014要求的移動(dòng)智能終端密碼模塊實(shí)現(xiàn)方案，用于指導(dǎo)廠家設(shè)計(jì)、實(shí)現(xiàn)移動(dòng)智能終端密碼模塊。本部分按照GB/T 1.1-2009給出的規(guī)則起草。請(qǐng)注意本文件的某些內(nèi)容可能涉及專利。中關(guān)村化協(xié)會(huì)不承擔(dān)識(shí)別這些專利的責(zé)任。本部分由中關(guān)村化協(xié)會(huì)技術(shù)委員會(huì)提出并歸口。本部分主要起草單位：中關(guān)村網(wǎng)絡(luò)安全與信息化產(chǎn)業(yè)聯(lián)盟、 中國(guó)科學(xué)院信息工程研究所、奇安信科技集團(tuán)股份有限公司、江蘇通付盾科技有限公司、北京江南天安科技有限公司、北京握奇數(shù)據(jù)股份有限公司、鼎橋通信技術(shù)有限公司等。本部分主要起草人：王克、劉宗斌、張凡、傅文斌、張晶、李勃、魯洪成、李向榮、李強(qiáng)等。IIT/ZSA

4、 67.1-2019引言在移動(dòng)互聯(lián)技術(shù)應(yīng)用中，使用密碼技術(shù)以防止數(shù)據(jù)泄露和篡改，實(shí)現(xiàn)實(shí)體鑒別及行為抗抵賴。但密碼技術(shù)使用不當(dāng)，會(huì)使其安全作用失效，影響應(yīng)用系統(tǒng)安全。密碼技術(shù)使用的安全性取決于算法正確實(shí)現(xiàn)及密碼模塊敏感安全參數(shù)保護(hù)。在開(kāi)放移動(dòng)網(wǎng)絡(luò)和便攜 移動(dòng)終端系統(tǒng)環(huán)境中，如何設(shè)計(jì)、實(shí)現(xiàn)和使用密碼模塊，如何保護(hù)敏感安全參數(shù)成為移動(dòng)智能終端密碼模塊設(shè)計(jì)和實(shí)現(xiàn)的核心問(wèn)題。T/ZSA 67-2019移動(dòng)智能終端密碼模塊技術(shù)框架規(guī)范了移動(dòng)智能終端（mobile smartterminal MST）使用的幾種密碼模塊技術(shù)架構(gòu)。IIIT/ZSA 67.1-2019移動(dòng)智能終端密碼模塊技術(shù)框架第1部分：總則1

5、范圍T/ZSA 67-2019移動(dòng)智能終端密碼模塊技術(shù)框架的本部分界定了移動(dòng)智能終端（ MST）和移動(dòng)智能終端密碼模塊(CMMST)的范圍；列出了MST密碼應(yīng)用場(chǎng)景、CMMST安全威脅，明確了CMMST設(shè)計(jì)和實(shí)現(xiàn)須達(dá)到的安全目標(biāo)；給出了 CMMST安全模型以及安全保障。本部分是 T/ZSA 67-2019其他部分的背景及原理概述，適用于指導(dǎo) T/ZSA 67-2019其他部分的編寫(xiě)。2規(guī)范性引用文件下列文件中的條款通過(guò) T/ZSA 67-2019移動(dòng)智能終端密碼模塊技術(shù)框架的本部分的引用而成為本部分的條款。GM/T 0028-2014密碼模塊安全技術(shù)要求GM/T 0008-2012安全芯片密碼

6、檢測(cè)準(zhǔn)則3術(shù)語(yǔ)和定義下列術(shù)語(yǔ)和定義適用于 T/ZSA 67-2019移動(dòng)智能終端密碼模塊技術(shù)框架的本部分。3.1核準(zhǔn)的安全功能 approved security functionGM/T 0028-2014附錄C中給出的安全功能。如密碼算法。3.2關(guān)鍵安全參數(shù) critical security parameter與安全相關(guān)的秘密信息，這些信息被泄露或被修改后會(huì)危及密碼模塊的安全性。GM/T 0028-2014，定義3.153.3密碼邊界 cryptographic boundary明確定義的連續(xù)邊線，該邊線建立了密碼模塊的物理和 /或邏輯邊界，并包括了密碼模塊的所有硬件、軟件、和 /或固件

7、部件。GM/T 0028-2014，定義3.171T/ZSA 67.1-20193.4密碼組件 cryptographic component；CC是密碼模塊的一部分，包括實(shí)現(xiàn)了安全功能的硬件、軟件和 /或固件。3.5密碼模塊 cryptographic module實(shí)現(xiàn)了安全功能的硬件、軟件和 /或固件的集合，并且被包含在密碼邊界內(nèi)。GM/T 0028-2014，定義3.18注：本中的密碼模塊均指GM/T 0028-2014所規(guī)范的密碼模塊。3.6移動(dòng)應(yīng)用 mobile application可在移動(dòng)智能終端操作系統(tǒng)中進(jìn)行安裝使用運(yùn)行的應(yīng)用軟件。本所述的移動(dòng)應(yīng)用是指調(diào)用密碼模塊服務(wù)的應(yīng)用軟件

8、。3.7個(gè)人身份識(shí)別碼 personal identification number；PIN用于鑒別身份的一串?dāng)?shù)字和字符。3.8用戶私鑰 user private key在某一移動(dòng)智能終端使用者的非對(duì)稱密鑰對(duì)中，只應(yīng)由該用戶掌握和使用的密鑰。正常情況下，私鑰不應(yīng)泄露。3.9公開(kāi)安全參數(shù) public security parameter；PSP與安全相關(guān)的公開(kāi)信息，一旦被修改會(huì)威脅到密碼模塊安全。GM/T 0028-2014，定義3.733.10安全芯片 security chip含有密碼算法、安全功能，可實(shí)現(xiàn)密鑰管理機(jī)制的集成電路芯片。GM/T 0008-2012，定義1安全

9、功能 security function2T/ZSA 67.1-2019密碼算法及其工作模式，包括：分組密碼、流密碼、對(duì)稱或非對(duì)稱算法、消息鑒別碼、雜湊函數(shù)、或其他安全函數(shù)，隨機(jī)比特生成器，實(shí)體鑒別和敏感安全參數(shù)生成和建立等。GM/T 0028-2014，定義3.783.12服務(wù)端server side；SS本T/ZSA 67-2019密碼模塊所包含的遠(yuǎn)程服務(wù)器。3.133.14敏感安全參數(shù) sensitive security parameter；SSP包括關(guān)鍵安全參數(shù)和公開(kāi)安全參數(shù)。GM/T 0028-2014，定義3.82可信信道 trusted channel在密碼模塊和發(fā)送者或接收者

10、之間建立的安全可信的通信鏈接，用以安全傳輸未受保護(hù)的關(guān)鍵安全參數(shù)、密鑰分量和鑒別數(shù)據(jù)。GM/T 0028-2014，定義3.994符號(hào)和縮略語(yǔ)下列符號(hào)和縮略語(yǔ)適用于 T/EMCG 001-2019移動(dòng)智能終端密碼模塊技術(shù)框架的本部分。CC密碼組件（ cryptography component）CMMSTSS-CCMST移動(dòng)智能終端密碼模塊（ cryptographic module of mobile smart terminal）服務(wù)端密碼組件（ server side cryptography component）移動(dòng)智能終端（ mobile smart terminal）MST-CC移

11、動(dòng)智能終端密碼組件（ mobile smart terminal cryptography component）個(gè)人身份標(biāo)識(shí)碼（ personal identification number）PIN5移動(dòng)智能終端（MST）T/ZSA 67-2019移動(dòng)智能終端密碼模塊技術(shù)框架規(guī)范了移動(dòng)智能終端（mobile smartterminal MST）使用的各種密碼模塊技術(shù)架構(gòu)。T/ZSA 67-2019中所有部分內(nèi)容中的 MST是指能夠接入移動(dòng)通信網(wǎng)，具有提供應(yīng)用軟件開(kāi)發(fā)接口的開(kāi)放操作系統(tǒng)，并能夠安裝和運(yùn)行第三方移動(dòng)應(yīng)用軟件的移動(dòng)設(shè)備。包括手機(jī)、 Pad。這些MST可以是市場(chǎng)通用型的，也可以是機(jī)構(gòu)專

12、用型的。6移動(dòng)智能終端密碼組件（MST-CC）3T/ZSA 67.1-2019T/ZSA 67-2019中所有部分內(nèi)容中的移動(dòng)智能終端密碼組件（mobile smart terminalcryptography component；MST-CC）是指部署在移動(dòng)智能終端中的密碼組件，或獨(dú)立構(gòu)成，或與服務(wù)端密碼組件（ SS-CC）一起構(gòu)成移動(dòng)智能終端密碼模塊。7服務(wù)端密碼組件（SS-CC）T/ZSA 67-2019中所有部分內(nèi)容中的服務(wù)端密碼組件（server side cryptography component；SS-CC）是指部署在服務(wù)端中的密碼組件，與移動(dòng)智能終端密碼組件（MST-CC）一

13、起構(gòu)成移動(dòng)智能終端密碼模塊。8移動(dòng)智能終端密碼模塊（CMMST）在T/ZSA 67-2019中所指的移動(dòng)智能終端密碼模塊（ cryptographic module in mobile smartterminal；CMMST）是為MST使用的，實(shí)現(xiàn)核準(zhǔn)安全功能的硬件、軟件和 /或固件的集合，并且被包含在密碼邊界內(nèi)。這些硬件、軟件可以包含在一個(gè) MST中，如手機(jī)中的安全芯片、密碼應(yīng)用 SDK；也可以存在于 MST以外的環(huán)境中，如服務(wù)端的密碼組件，或獨(dú)立 Ukey等。9移動(dòng)智能終端密碼技術(shù)應(yīng)用場(chǎng)景在保護(hù)網(wǎng)絡(luò)安全中，密碼技術(shù)主要應(yīng)用在兩方面：信息加密和信息簽名。信息加密包括通信信息加密和存儲(chǔ)信息加密

14、，以防止信息被非法泄露。信息簽名包括用戶對(duì)數(shù)據(jù)進(jìn)行簽名以及實(shí)體（如計(jì)算機(jī)、路由器）對(duì)數(shù)據(jù)進(jìn)行簽名，以保證 交換數(shù)據(jù)的真實(shí)性和不可抵賴性。信息加密一般使用對(duì)稱密碼算法（如 SM4）；信息簽名一般使用非對(duì)稱密碼（如 SM2）算法；對(duì)通信信息實(shí)施加密時(shí)可使用非對(duì)稱密碼算法進(jìn)行通信密鑰協(xié)商。密碼技術(shù)在移動(dòng)互聯(lián)系統(tǒng)中的應(yīng)用包括但不限于以下場(chǎng)景：a)移動(dòng)終端及操作系統(tǒng)使用密碼技術(shù)。如，1)移動(dòng)終端開(kāi)機(jī)啟動(dòng)對(duì)操作系統(tǒng)進(jìn)行完整性校驗(yàn)（可信計(jì)算技術(shù)），保證移動(dòng)終端操作系統(tǒng)的完整性；2)操作系統(tǒng)對(duì)移動(dòng)應(yīng)用代碼簽名進(jìn)行驗(yàn)證，驗(yàn)證移動(dòng)應(yīng)用的合法性和完整性；3)操作系統(tǒng)對(duì)文件（或存儲(chǔ)介質(zhì)）進(jìn)行加密，保證移動(dòng)終端失控時(shí)存

15、儲(chǔ)的數(shù)據(jù)不被泄露；4)移動(dòng)終端無(wú)線局域網(wǎng)接入安全認(rèn)證。如 WAPI安全協(xié)議密碼應(yīng)用，防止非法移動(dòng)終端接入企業(yè)網(wǎng)絡(luò)；b).移動(dòng)應(yīng)用系統(tǒng)使用密碼技術(shù)。如，1)在公共網(wǎng)絡(luò)上建立企業(yè)虛擬專用網(wǎng)絡(luò)（ VPN），保證企業(yè)信息在移動(dòng)互聯(lián)網(wǎng)絡(luò)上傳輸?shù)男畔⒉槐恍孤叮?)移動(dòng)通信語(yǔ)音加密（如 VoIP），防止移動(dòng)電話通信內(nèi)容被監(jiān)聽(tīng)；3)移動(dòng)終端電子郵件加密，防止電子郵件被非授權(quán)閱讀；4T/ZSA 67.1-20195)移動(dòng)用戶上網(wǎng)登錄身份認(rèn)證（如 FIDO協(xié)議），防止非法用戶登錄網(wǎng)絡(luò)應(yīng)用系統(tǒng)；6)企業(yè)移動(dòng)終端信息文件加密存儲(chǔ)，防止非法用戶或程序讀取企業(yè)信息造成信息泄露；7)企業(yè)信息移動(dòng)終端文件電子簽名，保證企業(yè)用

16、戶對(duì)移動(dòng)辦公文件簽名的真實(shí)性和不可抵賴性；8)移動(dòng)金融業(yè)務(wù)保護(hù)，使用密碼技術(shù)保證移動(dòng)支付、轉(zhuǎn)賬操作的合法性、不可抵賴性。10 CMMST安全威脅T/ZSA 67-2019所針對(duì)安全威脅是指可使移動(dòng)智能終端密碼模塊安全功能失效的威脅。在移動(dòng)互聯(lián)網(wǎng)環(huán)境中，攻擊者可以利用網(wǎng)絡(luò)監(jiān)聽(tīng)、網(wǎng)絡(luò)攻擊、移動(dòng)終端物理介入、惡意應(yīng)用軟件等手段對(duì)CMMST進(jìn)行攻擊，加上 CMMST設(shè)計(jì)和實(shí)現(xiàn)不當(dāng)都可能對(duì)密碼應(yīng)用構(gòu)成威脅。包括 :a）影響密碼算法實(shí)現(xiàn)和使用的有效性。如，密碼算法實(shí)現(xiàn)問(wèn)題導(dǎo)致加密結(jié)果安全性降低 ，密碼模塊在使用中密碼算法程序被修改等。b ）影響密鑰生成的有效性。如，隨機(jī)數(shù)發(fā)生器質(zhì)量不合格。c ）影響敏感安

17、全參數(shù)存儲(chǔ)和使用的安全性。如，私鑰生成、存儲(chǔ)和使用不當(dāng)導(dǎo)致私鑰泄露，密鑰被非授權(quán)從CMMST導(dǎo)出，密碼模塊的 PIN碼構(gòu)成和保護(hù)不當(dāng)導(dǎo)致 CMMST非法使用，以及對(duì)密碼安全芯片進(jìn)行訪問(wèn)、能量、電磁分析非法獲取敏感安全參數(shù)等。11 CMMST設(shè)計(jì)和實(shí)現(xiàn)的安全目標(biāo)根據(jù)T/ZSA 67-2019密碼模塊設(shè)計(jì)和實(shí)現(xiàn)的安全目標(biāo)要求， T/ZSA 67-2019的CMMST設(shè)計(jì)和實(shí)現(xiàn)安全目標(biāo)包括：a ）使用并正確實(shí)現(xiàn)核準(zhǔn)的安全功能。b）防止非授權(quán)操作、使用和查看 CMMST。c）防止非授權(quán)泄露 CMMST內(nèi)容，如私鑰和 PIN碼。d）防止對(duì)CMMST和密碼算法進(jìn)行非授權(quán)或檢測(cè)不到的修改，包括非授權(quán)的修改、

18、替換、插入和刪除敏感安全參數(shù)。e）提供CMMST運(yùn)行狀態(tài)指示。f）保證CMMST在核準(zhǔn)的工作模式下能夠正確運(yùn)行。g）檢測(cè)出CMMST運(yùn)行中的錯(cuò)誤，防止這些錯(cuò)誤非授權(quán)地公開(kāi)、修改、替換或使用私鑰或 PIN碼，或者非授權(quán)地修改或替換公開(kāi)安全參數(shù) 。h）保證正確地設(shè)計(jì)、分配和實(shí)現(xiàn) CMMST。12 CMMST安全模型5T/ZSA 67.1-2019為保證CMMST設(shè)計(jì)和實(shí)現(xiàn)的安全目標(biāo) ,根據(jù)移動(dòng)互聯(lián)網(wǎng)應(yīng)用的需求和特點(diǎn)， CMMST采取服務(wù)端安全模型和移動(dòng)端安全模型實(shí)現(xiàn)對(duì)敏感參數(shù)保護(hù)。服務(wù)端安全模型適合軟件密碼模塊，移動(dòng)端安全模型適合硬件密碼模塊。CMMST服務(wù)端安全模型（ CMMST server

19、security model；CMMST-SSM）如圖1所示。MST密碼組件（MST-CC）為移動(dòng)應(yīng)用提供核準(zhǔn)的安全功能；服務(wù)端密碼組件 (SS-CC)實(shí)現(xiàn)關(guān)鍵安全參數(shù)保護(hù)，如PIN生成、私鑰加密存儲(chǔ)保護(hù)、私鑰拆分生成及其分量保護(hù)；安全通信保證 MST-CC與SS-CC安全交互。MSTSS移動(dòng)應(yīng)用安全通信密碼組件密碼組件MST-CCSS-CCCMMST圖1 CMMST服務(wù)端安全模型CMMST移動(dòng)端安全模型（ CMMST mobile security model；CMMST-MSM）如圖2所示。MST密碼安全芯片為移動(dòng)應(yīng)用提供核準(zhǔn)的安全功能，以及敏感安全參數(shù)存儲(chǔ)保護(hù)；可信信道為 CMMST提供

20、關(guān)鍵安全參數(shù)通信，例如用戶 PIN的輸入；物理安全組件為安全芯片（ security chip）提供滿足高級(jí)密碼模塊的物理安全要求，包括密碼模塊拆卸檢測(cè)及響應(yīng)、敏感安全參數(shù)清除等硬件電路。MST移動(dòng)應(yīng)用CMMST可信信道物理安全組件關(guān)鍵安全參數(shù)安全芯片圖2 CMMST移動(dòng)端安全模型6T/ZSA 67.1-201913CMMST安全保障a) CMMST使用的安全芯片須滿足 GM/T 0008-2012安全芯片密碼檢測(cè)準(zhǔn)則要求。b) CMMST服務(wù)端應(yīng)采用獨(dú)立服務(wù)器設(shè)備，并專用于 CMMST。c) CMMST應(yīng)實(shí)施配置管理，防止 CMMST及文檔被非授權(quán)修改。d) CMMST應(yīng)有嚴(yán)格的開(kāi)發(fā)過(guò)程管理

21、。e)應(yīng)采取必要措施對(duì)移動(dòng)端密碼組件、服務(wù)端密碼組件與非 CMMST系統(tǒng)實(shí)施數(shù)據(jù)及代碼隔離。f)應(yīng)對(duì)所有在開(kāi)放環(huán)境里運(yùn)行的 CMMST軟件進(jìn)行軟件實(shí)名簽名，防止密碼模塊軟件被篡改。7ICS 35.240L70/84A s s o s i c a t i o n S t a n d a r dT/ZSA 67.1-2019Technical framework of cryptographic module in mobile smart terminal Part 1: General Inplemenation Date 03-01-2020Is s ued b y Zh on ggua n

22、 cun Sta n da rd izat ion Ass ociat ionIssue Date 12-31-2019T/ZSA 67.1-2019Contents FOREWORD . . .IIIINTRODRUCTION . I1 SCOPE .12 NORMATIVE REFERENCES .13 TERMS AND DEFINITIONS .14 SYMBOLS AND ACRONYMS .45 MOBILE SMART TERMINAL （MST） .46 MOBILE SMART TERMINAL CRYPTOGRARAPHY COMPONENT （MST-CC） .47 SE

23、RVER SIDE CRYPTOGRARAPHY COMPONENT （SS-CC） .48 CRYPTOGRAPHIC MODULE IN MOBILE SMART TERMINAL （CMMST） .59 APPLICATION SCENARIOS OF CRYPTOGRAPHY OF MOBILE SMART TERMINAL .510 CMMST SECURITY THREATS .611 CMMST DESIGNED AND IMPLEMENTED SECURITY GOALS .712 CMMST SECURITY MODEL .713 CMMST SECURITY GUARANT

24、EE.9IIT/ZSA 67.1-2019FOREWORDT/ZSA 67-2019 Technical framework of cryptographic module in mobile smart terminal isdivided into 5 parts:Part 1: GeneralPart 2: Key-encryption local protectionPart 3: Key-encrypted protection on server sidePart 4: Key protection based on multi-party computationPart 5: B

25、ased on security chipThis is the first part of T /ZSA 67-2019 Technical framework of cryptographic module in mobilesmart terminal, and is the background and principle overview of the other four parts. The otherfour parts are four kinds of cryptographic module in mobile smart terminal implementations

26、olutions that meet the requirements of GM / T 0028-2014, and are used to guide manufacturers indesigning and implementing cryptographic module in mobile smart terminal.The section was drafted in accordance with the rules set out in GB/T 1.1-2009.Please note that some contents in this document may in

27、volve patents. ZhongguancunStandardization Association shall not be held responsible for identifying such patents.The section was proposed and under the jurisdiction of Zhongguancun Standardization Association- Technical Committee.The main drafting companies of this section: Zhongguancun Cyberspace

28、Affairs Industry Alliance,Institute of Information Engineering, Chinese Academy of Sciences, Qiannxin Technology Group Co.,Ltd., PayEgis, Beijing Jiangnan Tianan Technology Co., Ltd., Beijing Woqi Data Co., Ltd., DingqiaoCommunication Technology Co., Ltd., etc.The main drafters of this section: Wang

29、 Ke, Liu Zongbin, Zhang Fan, Fu Wenbin, Zhang Jing, Li Bo,Lu Hongcheng, Li Xiangrong, Li Qiang, etc.IIIT/ZSA 67.1-2019INTRODUCTION In the application of mobile internet technology, cryptographic technology is used to prevent dataleakage and tampering, and to achieve entity identification and behavio

30、r anti-repudiation. However,improper use of cryptographic technology will invalidate its security effect and affect the security ofapplication systems. The security of cryptographic technology depends on the correctimplementation of the algorithm and the protection of sensitive security parameters o

31、f thecryptographic module. In the environment of open mobile networks and portable mobile terminalsystems, how to design, implement, and use cryptographic modules, and how to protect sensitivesecurity parameters have become the core issues in the design and implementation ofcryptographic modules for

32、 mobile smart terminals.T/ZSA 67-2019 Technical framework of cryptographic module in mobile smart terminal regulatesseveral cryptographic module technology architectures used in mobile smart terminal (MST).IVT/ZSA 67.1-2019Technical framework of cryptographic module in mobile smart terminal Part I G

33、eneral 1SCOPE This section of T / ZSA 67-2019 Technical framework of cryptographic module in mobilesmart terminal defines the scope of Mobile Intelligent Terminal (MST) and CryptographicModule of Mobile Intelligent Terminal(CMMST); lists the application scenarios of MSTcryptogram, CMMST security thr

34、eats, It clarifies the security goals that CMMST design andimplementation must achieve; gives the CMMST safety model and safety guarantee.This section is an overview of the background and principles of other parts of T / ZSA67-2019, and is applicable to guide the preparation of other parts of T / ZS

35、A 67-2019.2NORMATIVE REFERENCES The clauses in the following documents have become the clauses of this section after beingreferenced in this section of T / ZSA67-2019 Technical framework of cryptographic module inmobile smart terminal.GM / T 0028-2014 Cryptogram module security technical requirement

36、sGM / T 0008-2012 Security chip cryptogram detection guidelines3TERMS AND DEFINITIONS The following terms and definitions are applicable to this part of T / ZSA 67-2019 Technicalframework of cryptographic module in mobile smart terminal.3.1Approved security functionThe security functions given in GM

37、 / T 0028-2014 Appendix C. Such as cryptographic algorithms.1T/ZSA 67.1-20193.2Critical security parameterSecurity-related secret information, the security of cryptographic module may be compromised ifthe information is leaked or modified.GM / T 0028-2014, definition 3.153.3Cryptographic boundaryA c

38、learly defined continuous edge that establishes the physical and / or logical boundariesof the cryptographic module and includes all hardware, software, and / or firmwarecomponents of the cryptographic module.GM / T 0028-2014, definition 3.173.4Cryptographic component; CCBeing part of a cryptographi

39、c module and includes hardware, software, and / or firmwarethat implements security functions.3.5Cryptographic moduleA collection of hardware, software, and / or firmware that implements security functionsand is contained within the cryptographic boundary.GM / T 0028-2014, definition 3.18Note: The c

40、ryptographic modules in this standard refer to those specified by GM / T0028-2014.3.6Mobile applicationIt can be installed and used in the mobile smart terminal operating system. The mobileapplication mentioned in this standard refers to the application software that calls thecryptographic module se

41、rvice.3.7Personal identification number；PINA string of numbers and characters used to identify people.2T/ZSA 67.1-20193.8User private keyIn an asymmetric key pair of a user of a mobile intelligent terminal, the key should only beheld and used by the user. In normal circumstances, the private key sho

42、uld not be leaked.3.9Public security parameter；PSPThe cryptographic module security will be threatened once the security related public informationis modified.GM/T 0028-2014，definition 3.733.10Security chipAn integrated circuit chip containing cryptographic algorithms, security functions, andrealiza

43、ble key management mechanisms.GM/T 0008-2012，definition 1Security functionCryptographic algorithms and their working modes, including: block cryptograms, streamcryptograms, symmetric or asymmetric algorithms, message authentication codes, hashfunctions, or other security functions, random bi

44、t generators, entity authentication, andgeneration and establishment of sensitive security parameters, etc.GM/T 0028-2014，definition 3.783.12Server side；SSRemote server included in this standard T /ZSA 67-2019 cryptographic module.3.133.14Sensitive security parameter；SSPIncludes critical safety para

45、meters and public safety parametersGM/T 0028-2014，definition 3.82Trusted channel3T/ZSA 67.1-2019A secure and trusted communication link established between the cryptographic moduleand the sender or receiver to securely transmit unprotected key security parameters, keycomponents, and authentication d

46、ata.GM/T 0028-2014，definition 3.994SYMBOLS AND ACRONYMS The following symbols and acronyms apply to this part of T / ZSA 67-2019 Technicalframework of cryptographic module in mobile smart terminal.CCcryptography componentCMMSTSS-CCMSTcryptographic module of mobile smart terminalserver side cryptogra

47、phy componentmobile smart terminalMST-CC mobile smart terminal cryptography componentPINpersonal identification number5MOBILE SMART TERMINAL（MST）T / ZSA 67-2019 Technical framework of cryptographic module in mobile smart terminalspecifies the technical architecture of various cryptographic module us

48、ed by mobile smartterminal (MST).MST in all parts of T /ZSA 67-2019 refers to mobile devices that can access mobilecommunication networks with open operating systems that provide application softwaredevelopment interfaces, and can install and run third -party mobile application software.Including mo

49、bile phones, Pad. These MSTs can be market-oriented or agency-specific.6MOBILE SMART TERMINAL CRYPTOGRARAPHY COMPONENT（MST-CC）The mobile smart terminal cryptography component (MST -CC) in all parts of T / ZSA67-2019 refers to the cryptographic component deployed in the mobile smart terminal, it isfo

50、rmed separately or join the the server-side cryptographic component (SS-CC)to form a mobilesmart terminal cryptographic module.7SERVER SIDE CRYPTOGRARAPHY COMPONENT（SS-CC）4T/ZSA 67.1-2019The server side cryptography component (SS-CC) in all parts of T / ZSA 67-2019 refers to thecryptographic compone

51、nt deployed in the server, and it joins the mobile smart terminal cryptographiccomponent (MST-CC) to form mobile smart terminal cryptographic module.8CRYPTOGRAPHIC MODULE IN MOBILE SMART TERMINAL（CMMST）The cryptographic module in mobile smart termin al (CMMST) referred to in T / ZSA67-2019 is a coll

52、ection of hardware, software, and / or firmware used by MST to implementapproved security functions and is included within cryptographic boundaries. These hardwareand software can be included in an MST, such as a security chip in a mobile phone, and acryptographic application SDK; it can also exist

53、in an environment other than MST, such as aserver-side cryptographic component, or an independent Ukey.9APPLICATION SCENARIOS OF CRYPTOGRAPHY OF MOBILE SMART TERMINAL In protecting network security, cryptographic technology is mainly applied in two aspects:informationencryptionandinformationsignatur

54、e.Informationencryptionincludescommunication information encryption and storage information encryption, which is to preventinformation from being leaked illegally. Information signatures include users signing data andentities (such as computers and routers) signing data to ensure the authenticity an

55、dnon-repudiation of the exchanged data. Information encry ption generally uses a symmetriccryptographic algorithm (such as SM4); information signatures generally use an asymmetriccryptographicalgorithm (such as SM2); when encrypting communication information,asymmetric cryptographic algorithms can b

56、e used for communication key negotiation.The application of cryptographic technology in mobile internet systems includes but is notlimited to the following scenarios:(1) The mobile terminal and operating system use cryptographic technology. Such as,a) The mobile terminal starts up and checks the int

57、egrity of the operating system(trusted computing technology) to ensure the integrity of the mobile terminaloperating system;b) The operating system verifies the mobile application code signature to verify thelegitimacy and integrity of the mobile application;c) The operating system encrypts the file

58、s (or storage media) to ensure that the datastored will not be leaked out when the mobile terminal goes out of control;5T/ZSA 67.1-2019d) Mobile terminal wireless LAN access security certification. Such as WAPI securityprotocol cryptographic application to prevent illegal mobile terminals fromaccess

59、ing the corporate network;(2) The mobile application system uses cryptographic technology. Such as,e) Establish an enterprise virtual private network (VPN) on the public network toensure that the information transmitted by the enterprise on the mobile internetwill not be leaked out;f) Mobile communi

60、cation voice encryption (such as VoIP) is used to prevent mobilephone communication content from being monitored;g) Encrypting email on mobile terminals to prevent unauthorized reading of emails;h) Mobile user login authentication (such as FIDO protocol) to prevent illegal usersfrom logging on to th