CN111368264A - Verification method of application program, computer device and mainboard thereof - Google Patents
Verification method of application program, computer device and mainboard thereof Download PDFInfo
- Publication number
- CN111368264A CN111368264A CN201811598812.5A CN201811598812A CN111368264A CN 111368264 A CN111368264 A CN 111368264A CN 201811598812 A CN201811598812 A CN 201811598812A CN 111368264 A CN111368264 A CN 111368264A
- Authority
- CN
- China
- Prior art keywords
- application program
- verification code
- verification
- time parameter
- computer device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000012795 verification Methods 0.000 title claims abstract description 93
- 238000000034 method Methods 0.000 title claims abstract description 42
- 230000007246 mechanism Effects 0.000 claims abstract description 20
- 230000001960 triggered effect Effects 0.000 claims description 2
- 241001391944 Commicarpus scandens Species 0.000 description 1
- 230000002457 bidirectional effect Effects 0.000 description 1
- 238000004891 communication Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/121—Restricting unauthorised execution of programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- General Health & Medical Sciences (AREA)
- Bioethics (AREA)
- Health & Medical Sciences (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a verification method of an application program, a computer device and a mainboard thereof, wherein the application program is installed on the computer device with a basic input and output system and a timer, and the verification method comprises the following steps: the application program transmits a query value to the bios. The BIOS obtains a first time parameter from the timer, converts the first time parameter and the query value into a first verification code through the operation mechanism, and transmits the first verification code to the application program, and the application program obtains a second time parameter from the timer and converts the second time parameter and the query value into a second verification code through the operation mechanism. The application program compares the first verification code with the second verification code after receiving the first verification code, if the first verification code and the second verification code are equal or the difference is smaller than a critical value, the verification is passed, otherwise, the verification is not passed.
Description
Technical Field
The present invention relates to a verification method, and more particularly, to a verification method for an application program, a computer device, and a motherboard thereof.
Background
Existing applications are generally limited to computer devices that can be used legally based on security or intellectual property protection, and thus the applications are prevented from being cracked or copied to other illegal (unauthorized) computer devices for use. To achieve this, there is a protection mechanism for binding hardware information, in which an application program, once started, first reads and verifies hardware information, such as cpu code, hard disk serial number, etc., in a computer device in which the application program is installed, and only when the verification is passed, allows the computer device to normally execute the hardware information. Although the mechanism can bind the application program and the legal computer device which can normally execute the application program, the mechanism is easy to be cracked due to the lack of dynamic change of hardware information, so that a conscious person can freely install the application program on any computer device for use.
Disclosure of Invention
In order to solve the problem that an application program protection mechanism for verifying hardware information is easy to crack in the past, the invention provides a novel application program verification method, the verification method adopts a dynamic communication mechanism and is difficult to crack, the verification safety can be improved, and the application program is effectively prevented from being copied to other illegal computer devices for use.
The application program is installed in a computer device with a basic input and output system and a timer, and the verification method comprises the following steps: the application program transmits a query value to the bios. The BIOS obtains a first time parameter from the timer, converts the first time parameter and the query value into a first verification code through the operation mechanism, and transmits the first verification code to the application program, and the application program obtains a second time parameter from the timer and converts the second time parameter and the query value into a second verification code through the operation mechanism. The application program compares the first verification code with the second verification code after receiving the first verification code, if the first verification code and the second verification code are equal or the difference is smaller than a critical value, the verification is passed, otherwise, the verification is not passed.
In an embodiment of the present invention, the challenge value of the verification method of the application is at least one of a random number, a predetermined fixed value, and a hardware identification code of the computer device.
In an embodiment, when the verification fails, the application stops running or sends an alarm signal or a combination thereof.
In an embodiment, when the verification of the application program passes, the application program is normally executed.
In one embodiment, the step of transmitting the challenge value by the authentication method of the application program of the present invention includes: the application program writes the inquiry value into an input/output end of the computer device to trigger a system management interrupt, so that the computer device enters a system management mode, and the basic input/output system reads the inquiry value from the input/output end.
In one embodiment, the step of transmitting the first verification code by the verification method of the application program of the present invention includes: after the BIOS writes the first verification code into the I/O port, the computer device leaves the system management mode, and the application program reads the first verification code from the I/O port.
In one embodiment, the first time parameter and the second time parameter of the verification method of the application program relate to the digital part of the time.
The invention further provides a computer device for executing the verification method of the application program.
The invention also provides a computer motherboard, which has a basic input/output system, an input/output end and a timer, wherein the basic input/output system executes the following steps: reading an inquiry value written by an application program from an input end and an output end under a system management mode triggered by the application program; obtaining a first time parameter from the timer, and converting the first time parameter and the inquiry value into a first verification code through an operation mechanism; and writing the first verification code into the input/output end, and ending the system management mode.
In one embodiment, the first time parameter of the computer motherboard is related to a digital portion of a time.
In view of the above, the verification method of the application program of the present invention is a bidirectional dynamic encryption mechanism, achieves the effect of dynamic encryption by converting time parameters, further achieves the function of binding the application program and hardware, and can be widely applied to various computer devices and computer motherboards.
Drawings
FIG. 1 shows a flow chart of a preferred embodiment of the method of the present invention.
FIG. 2 is a block diagram of a computer device for performing the method of the present invention.
Fig. 3 shows a flow chart of the steps of the application program of the method of the invention for transmitting a challenge value.
FIG. 4 is a flowchart illustrating steps of an application program transmitting a first verification code to the application program according to the method of the present invention.
Wherein the reference numerals are as follows:
1 computer device
11 host board
111 basic input/output system
112 input/output terminal
113 timer
2 application program
a. b, c, a 1-a 2 and b 1-b 3
Detailed Description
Fig. 1 shows a preferred embodiment of the verification method of the application program according to the present invention, the verification method is executed by a computer device 1 shown in fig. 2, the computer device 1 includes a motherboard 11, and the motherboard 11 at least has a Basic Input Output System (BIOS)111, an input/output (I/O port)112 and a timer 113. The application 2 is installed in the computer device 1, and in this embodiment, the timer 113 may be a Real Time Clock (RTC) set on a motherboard.
As shown in fig. 1, the verification method includes the following steps a to c:
step a: the application 2 sends a query value to the bios 111.
Step b: the bios 111 obtains a first time parameter from the timer 113, converts the first time parameter and the query value into a first verification code through an operation mechanism, and transmits the first verification code to the application 2, and the application 2 obtains a second time parameter from the timer 113, and converts the second time parameter and the query value into a second verification code through the operation mechanism. It should be noted that there is no difference in time between the first time parameter and the second time parameter, i.e. when the bios 111 obtains the first time parameter from the timer 113, the application 2 also obtains the second time parameter from the timer 113, and there is no sequential difference.
Step c: the application program 2 compares the first verification code with the second verification code after receiving the first verification code, if the first verification code and the second verification code are equal or the difference is smaller than a critical value, the verification is passed, otherwise, the verification is not passed. If the verification is passed, the application program 2 executes normally, that is, the application program 2 continues to execute the function that the application program 2 should originally execute. If the verification is not passed, the application 2 stops running or sends out a warning signal or the combination of the above.
The query value may be at least one of a random number generated by the application 2, a predetermined fixed value, and a hardware identification code (e.g., a cpu code, a hard disk serial number) of the computer apparatus 1, but is not limited thereto.
The first time parameter and the second time parameter relate to a digital portion of a time, such as seconds, minutes, seconds, days, minutes, seconds, or any combination thereof. For example, if the bios 111 obtains the first time parameter (or the application 2 obtains the second time parameter) at the time: "55 minutes 28 seconds at 8 am on 12/1/2018", the first time parameter (or the second time parameter) may be "28" of seconds, or "5528" of minutes, or "085528" of minutes, or "015528" of days, minutes, seconds "12015528" of months, days, "minutes, seconds" 201812015528 ", or some combination of the aforementioned numbers, such as" 1228 "of months and seconds, but not limited thereto.
As shown in fig. 3, the step a of the application 2 transmitting the query value may include the following steps a 1-a 2:
step a 1: the application 2 writes the query value into the I/O port 112 of the computer device 1, such as I/O port B2, to trigger a System Management Interrupt (SMI) to make a Central Processing Unit (CPU)110 of the computer device 2 enter a System Management Mode (SMM), in which the control right of the computer device 1 is transferred to the BIOS 111, so that the BIOS 111 can execute the following step a2 and the above step B.
Step a 2: the basic input output system 111 reads the challenge value from the input output 112.
The bios 111 reads the challenge value, i.e. converts the challenge value and the first time parameter into the first verification code as the above step b, and transmits the first verification code to the application 2, as shown in fig. 4, the step of transmitting includes the following steps b1, b2 and b 3.
Step b 1: the bios 111 writes the first verification code to the i/o 112.
Step b 2: when the computer apparatus 1 leaves the SMM mode, for example, executes the RSM command to leave the computer apparatus 1 from the SMM mode, control is transferred back to an operating system of the computer apparatus 1, so that the application 2 can execute the following step b3 and the above steps b and c.
Step b 3: the application 2 reads the first authentication code from the input/output terminal 112. Then, the application 2 generates the second verification code and performs verification as described in the above steps b and c.
Since the operation time required for the whole verification process of the application verification method is very short, usually within 1 second, the time point when the application 2 obtains the second time parameter from the timer 113 is usually less than 1 second different from the time point when the bios 111 obtains the first time parameter from the timer 113, and the first and second time parameters are both obtained in seconds, not milliseconds, microseconds or less, therefore, the first time parameter obtained by the bios 111 and the application 2 in the minimum timing unit of the timer 113 is usually equal to the second time parameter. However, considering the possible delay of the operation time, the difference between the first time parameter and the second time parameter is allowed to be less than a threshold value, for example, less than any one of 1-5 seconds.
In addition, in the step b3, the application 2 may be configured to read the first verification code from the input/output end 112 after a predetermined period of time. For example, a preset time of 2 seconds is set, which is not limited to the step b2, and the application 2 reads the first verification code from the input/output end 112.
When the first and second verification codes are calculated, the bios 111 and the application 2 both adopt the same calculation mechanism, such as adding, subtracting, multiplying or dividing the query value and the first time parameter (or the second time parameter), but not limited thereto. In addition, the operation mechanism may further include an encryption operation.
In practical applications, the verification method of the present invention may be performed when the application 2 is started, or may be performed one or more times during the execution of the application 2, for example, by arbitrarily selecting a plurality of program points in the application 2.
Taking the application program of the game as an example, the game can execute the verification method at the starting time, during the game process, or at the starting time and during the game process. If the game is started, the game is verified, and if the game passes the verification, the game is normally executed. If the game is not verified, the game is forced to be ended and cannot be started, or the game can still be started, but a warning signal is sent out in the game process, or the game is forced to be ended and/or a warning signal is sent out.
In addition, the verification method of the application program can bind a specific corresponding computer device according to different program instructions, operation mechanisms or the combination of the two. Further, in the step a1, the application 2 writes the query value into the input/output 112 of the computer device 1, and writes the query value into the input/output 112 of the computer device 1 through a command (command) together with the query value, and different commands correspond to different applications 2, so as to bind specific corresponding computer devices. Similarly, a specific corresponding computer device can be bound through different computing mechanisms.
In summary, the verification method of the present invention requires the application 2 to additionally execute some items of the above steps, and also requires the bios 111 to additionally execute some items of the above steps, which are closely matched to each other to complete the verification, in other words, the computer device 1 and the application 2 are mutually bound in this way, and other illegal computer devices that cannot be executed in conjunction with the verification method or the execution but cannot pass the verification cannot normally execute the installed application 2, so the verification method of the present invention can effectively prevent the application 2 from being copied to the illegal computer devices for use. In addition, the first identifying code and the second identifying code are obtained by calculating time parameters with dynamic changes, so that the first identifying code and the second identifying code are dynamic identifying codes and are not easy to break.
Claims (10)
1. A verification method of an application program, the application program being installed on a computer device having a basic input output system and a timer, the verification method comprising:
the application program transmits a query value to the basic input and output system;
the BIOS obtains a first time parameter from the timer, converts the first time parameter and the inquiry value into a first verification code through an operation mechanism, and transmits the first verification code to the application program, and the application program obtains a second time parameter from the timer and converts the second time parameter and the inquiry value into a second verification code through the operation mechanism; and
the application program compares the first verification code with the second verification code after receiving the first verification code, if the first verification code and the second verification code are equal or the difference is smaller than a critical value, the verification is passed, otherwise, the verification is not passed.
2. The method according to claim 1, wherein the challenge value is at least one of a random number, a predetermined fixed value and a hardware identifier of the computer device.
3. A method of authenticating an application as recited in claim 1, wherein the application stops running or issues an alert signal or a combination thereof when the authentication fails.
4. An authentication method of an application program according to claim 1, wherein the application program is normally executed when the authentication is passed.
5. A method of authenticating an application program as recited in claim 1, wherein the step of transmitting the challenge value comprises: the application program writes the inquiry value into an input/output end of the computer device to trigger a system management interrupt, so that the computer device enters a system management mode, and the basic input/output system reads the inquiry value from the input/output end.
6. A method of authenticating an application according to claim 1, wherein the step of transmitting the first authentication code comprises: after the BIOS writes the first verification code into the I/O port, the computer device leaves the system management mode, and the application program reads the first verification code from the I/O port.
7. A method of validating an application program according to claim 1, wherein the first time parameter and the second time parameter relate to a digital portion of a time.
8. A computer device for performing the method of verifying an application program according to any one of claims 1 to 7.
9. A computer motherboard has a basic input/output system, an input/output end and a timer, wherein the basic input/output system executes the following steps:
reading an inquiry value written by an application program from the input/output end under a system management mode triggered by the application program;
obtaining a first time parameter from the timer, and converting the first time parameter and the inquiry value into a first verification code through an operation mechanism; and
and writing the first verification code into the input/output end and ending the system management mode.
10. The computer motherboard of claim 9 wherein the first time parameter relates to a digital portion of a time.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811598812.5A CN111368264A (en) | 2018-12-26 | 2018-12-26 | Verification method of application program, computer device and mainboard thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811598812.5A CN111368264A (en) | 2018-12-26 | 2018-12-26 | Verification method of application program, computer device and mainboard thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111368264A true CN111368264A (en) | 2020-07-03 |
Family
ID=71209824
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811598812.5A Pending CN111368264A (en) | 2018-12-26 | 2018-12-26 | Verification method of application program, computer device and mainboard thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111368264A (en) |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113868606A (en) * | 2021-10-09 | 2021-12-31 | 新大陆数字技术股份有限公司 | Application software authorization method and system |
Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101393586A (en) * | 2007-09-18 | 2009-03-25 | 武永军 | Only method for verifying computer |
| CN102708332A (en) * | 2012-01-12 | 2012-10-03 | 苏州百正信息科技有限公司 | Method for protecting computer software copyrights by hardware identification codes |
| CN103383736A (en) * | 2012-05-02 | 2013-11-06 | 中频电子股份有限公司 | Method for verifying electronic chip and user terminal |
| CN104168116A (en) * | 2014-08-19 | 2014-11-26 | 天地(常州)自动化股份有限公司 | Database identity authentication method and system |
-
2018
- 2018-12-26 CN CN201811598812.5A patent/CN111368264A/en active Pending
Patent Citations (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101393586A (en) * | 2007-09-18 | 2009-03-25 | 武永军 | Only method for verifying computer |
| CN102708332A (en) * | 2012-01-12 | 2012-10-03 | 苏州百正信息科技有限公司 | Method for protecting computer software copyrights by hardware identification codes |
| CN103383736A (en) * | 2012-05-02 | 2013-11-06 | 中频电子股份有限公司 | Method for verifying electronic chip and user terminal |
| CN104168116A (en) * | 2014-08-19 | 2014-11-26 | 天地(常州)自动化股份有限公司 | Database identity authentication method and system |
Cited By (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN113868606A (en) * | 2021-10-09 | 2021-12-31 | 新大陆数字技术股份有限公司 | Application software authorization method and system |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| JP4729046B2 (en) | How to build a reliable execution environment on your computer | |
| EP1584034B1 (en) | Systems and methods for detecting a security breach in a computer system | |
| CN108334753B (en) | Pirate application verification method and distributed server node | |
| EP2262259A1 (en) | Method for monitoring execution of data processing program instructions in a security module | |
| RU2007122339A (en) | ISOLATED COMPUTER ENVIRONMENT TAPED TO THE CENTRAL PROCESSOR AND THE MOTHERBOARD | |
| EP1829274A2 (en) | System and method to lock tpm always 'on' using a monitor | |
| JP2008521089A (en) | Special PC mode to enter when an undesirable condition is detected | |
| CN112464212A (en) | Data authority control reconstruction method based on mature complex service system | |
| CN108881132B (en) | Application authorization method, client, server and computer readable medium | |
| EP1465038B1 (en) | Memory security device for flexible software environment | |
| CN111368264A (en) | Verification method of application program, computer device and mainboard thereof | |
| CN101458748B (en) | Method for loading into kernel component to establish computing environment | |
| WO2022148149A1 (en) | License file management method and apparatus, and device | |
| CN112395587B (en) | Computer system and forced self-authentication method | |
| TWI691858B (en) | Validating method of application, computer device and mainboard thereof | |
| JP2001236132A (en) | Method and program for providing tamper resistance | |
| CN117494232B (en) | Method, device, system, storage medium and electronic equipment for executing firmware | |
| Nasser | Securing safety critical automotive systems | |
| Stolfo et al. | Research in Attacks, Intrusions, and Defenses | |
| JP5951130B2 (en) | Program verification apparatus, program verification method, and program | |
| CN118312966A (en) | Trusted starting system and trusted starting method | |
| CN114282178A (en) | Software self-protection method and device, electronic equipment and storage medium | |
| Hashmi et al. | A software based approach for trusted agent execution on malicious host | |
| CN112269998A (en) | Starting control method, system, equipment and storage medium of server |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20200703 |