CN1684017A - Software protecting method and device - Google Patents

Publication number: CN1684017A
Authority: CN (China)
Prior art keywords: software, result, scrambler, value, protecting
Legal status: Granted; current status Expired - Fee Related
Application number: CN 200410031062
Other languages: Chinese (zh)
Other versions: CN100340937C (en)
Inventors: 林中, 范云松, 谢永政
Current Assignee: Huawei Technologies Co Ltd
Original Assignee: Huawei Technologies Co Ltd
Application filed by: Huawei Technologies Co Ltd
Priority to: CNB2004100310625A (patent CN100340937C)
Publications: CN1684017A (application), CN100340937C (grant)

Landscapes

  • Storage Device Security (AREA)

Abstract

The present invention discloses a software protection method and device. The method comprises the following steps: generating a validation value when the software starts, and generating a scrambled result from the validation value; judging whether verification passes; if verification passes, running the software and starting a timer; judging whether the timer has reached its predetermined period; when the predetermined period is reached, checking the scrambled result and judging whether the check passes; if the check passes, continuing to monitor the timer; otherwise, exiting the software or running the software in limited mode.

Description

A software protection method and device
Technical field
The present invention relates to the field of software protection, and in particular to a method and device for protecting software through a verification process.
Background art
With the development of information technology, the software industry is receiving more and more attention, and system software and application software of all kinds keep emerging. Software developers usually need to invest enormous manpower and material resources in research and development. Once the software has been developed successfully, however, a pirate needs only a small amount of effort to copy it and sell it at a low price, which greatly dampens people's enthusiasm for software development and seriously hinders the development of the software industry.
To curb piracy and protect intellectual property, the industry has introduced a series of software protection techniques. A commonly used method at present is to verify the right of use at software startup according to user information, the product serial number, a digital signature and/or an identifier of the carrier on which the software runs. If verification passes, the software is allowed to run; if verification fails, a message is returned and the software is either not allowed to run or some functions are masked so that only limited operation is allowed.
Refer to Fig. 1, which shows the flow of a prior-art software protection method.
When the protected software initializes, it triggers the verification unit to start the verification process. First, information such as user information, the product serial number, a digital signature and/or the identifier of the carrier on which the software runs is obtained. Next, the return value generation unit performs verification according to that information and generates a return value. The comparing unit then compares the return value to judge whether verification passes. If it does, the software is allowed to run and carry out its business processing; if not, verification-failure handling is performed, such as returning a message and either not allowing the software to run or masking some functions so that only limited operation is allowed.
This prior-art method has some defects. Processing takes place only at software initialization, and the decision is usually made directly by the comparing unit from the return value. An attacker who traces the software's verification process can modify the return values of the verification routines, or change some of the comparison operations, so that the verification process always returns a pass. The attacker can thereby bypass the verification process entirely without having to pay attention to any other details of the verification operations.
Summary of the invention
The technical problem solved by the present invention is to provide a software protection method and device that increase the difficulty of attack and thereby improve security.
To this end, the technical solution of the present invention is to provide a software protection method comprising the steps:
1) when the software starts, generating a validation value, and generating a scrambled result from the validation value;
2) judging whether verification passes; if so, proceeding to step 3); if not, the software is not allowed to run, or only limited operation of the software is carried out;
3) running the software and starting a timer;
4) judging whether the timer has reached the predetermined period; if so, proceeding to step 5); if not, no operation is performed;
5) checking the scrambled result and judging whether the check passes; if so, returning to step 4); if not, exiting the software or carrying out limited operation of the software.
In step 1), generating the scrambled result specifically comprises:
11) generating a pseudo-random number;
12) using the pseudo-random number to transform the validation value, generating a first transformation result.
Step 12) specifically comprises adding the pseudo-random number to the validation value and applying a hash transformation to the sum.
The hash transformation result is taken as a character string, or the value of the hash transformation result is converted into a character string; that character string is the first transformation result.
Step 5) specifically comprises:
51) applying a transformation to the scrambled result, generating a second transformation result;
52) obtaining a check result from the first transformation result and the second transformation result;
53) judging whether the check result is a predetermined value.
The transformation in step 51) is a hash transformation; in step 52) the first transformation result and the second transformation result are combined by bitwise XOR.
In step 2), judging whether verification passes consists of judging whether the validation value is a predetermined value, or of checking the scrambled result.
Before step 1), the method further comprises selecting a scrambled-result storage unit.
The present invention also provides a software protection device for implementing the software protection method of claim 1, comprising: a validation value generation unit, used to generate a validation value when the software starts; and a comparing unit, used to compare whether the validation value is a predetermined value. It further comprises: a scrambled-result generation unit, used to generate the scrambled result from the validation value; a timer, used to trigger the check unit while the software is running; and a check unit, used to check the scrambled result at software startup or when the timer reaches the predetermined period.
The validation value generation unit and the comparing unit may be integrated into one.
Compared with the prior art, the present invention has the following beneficial effects. First, the invention scrambles the returned validation value to generate a scrambled result, sets a timer while the software is running, and checks the scrambled result each time the timer reaches the predetermined period. Checking the scrambled result at regular intervals increases the difficulty of attacks on the returned validation value and improves security, thereby protecting the software. Second, because the timed check operates on the scrambled result rather than regenerating the validation value and judging it again, the timed check is faster. Third, in one embodiment of the invention the scrambled result is checked at software startup; compared with the prior art, which verifies the return value at startup, this increases the difficulty of attacks on the return value.
Description of the drawings
Fig. 1 is a flow chart of a prior-art software protection method;
Fig. 2 is a block diagram of the software protection device of the present invention;
Fig. 3 is a flow chart of the software protection method of the present invention;
Fig. 4 is a flow chart of an embodiment of the software protection method of the present invention;
Fig. 5 is a flow chart of the scrambling process in the flow shown in Fig. 4;
Fig. 6 is a flow chart of the scrambled-result check in the flow shown in Fig. 4.
Detailed description of the embodiments
The software protection method and device of the present invention scramble the returned validation value and check the scrambled result at timed intervals, which effectively defends against attacks that target the return value and thereby protects the software.
Refer to Fig. 2, which is a block diagram of a software protection device that applies the software protection method of the present invention. The device comprises a validation value generation unit 110, a comparing unit 120, a scrambled-result generation unit 130, a timer 140 and a check unit 150. The validation value generation unit 110 obtains information from the data processing system 200 when the protected software starts and generates a validation value. The comparing unit 120 compares whether the validation value is a predetermined value and influences the operation of the data processing system 200. The scrambled-result generation unit 130 generates the scrambled result from the validation value. The timer 140 triggers the check unit 150 while the software is running. The check unit 150 checks the scrambled result at software startup or when the timer reaches the predetermined period, and influences the operation of the data processing system 200.
It should be noted that the validation value generation unit 110 and the comparing unit 120 may be integrated together.
Refer to Fig. 3, which is a flow chart of the software protection method of the present invention.
First, in step S1, the validation value generation unit 110 generates a validation value when the software starts, and the scrambled-result generation unit 130 generates the scrambled result from the validation value;
Step S2: judge whether verification passes; if so, proceed to step S3; if not, the data processing system 200 is not allowed to run the software, or carries out only limited operation of the software;
Step S3: allow the software to run, and start the timer 140;
Step S4: judge whether the timer 140 has reached the predetermined period; if so, proceed to step S5; if not, no operation is performed;
Step S5: the check unit 150 checks the scrambled result and judges whether the check passes; if so, return to step S4; if not, the data processing system 200 exits the software or carries out limited operation of the software.
It should be noted that in step S2 the judgment of whether verification passes can be made either by having the comparing unit 120 compare the validation value or by having the check unit 150 check the scrambled result.
To aid understanding, the present invention is described in further detail below with reference to an embodiment.
Refer to Fig. 4. When the protected software initializes, step S11 is executed first: a scrambled-result storage unit is selected, which comprises a first storage area and a second storage area.
Next, in step S12, the validation value generation unit generates the validation value rtValue according to user information, the product serial number, a digital signature and/or the identifier of the carrier on which the software runs.
Referring also to Fig. 5, the scrambled-result generation unit produces a pseudo-random number rtResult.ulData1 whose length matches the width of the first storage area (for example, 32 bits) and saves it in the first storage area. It then uses the pseudo-random number rtResult.ulData1 to transform the validation value rtValue, generating the first transformation result rtResult.ulData2, which is saved in the second storage area. The pseudo-random number rtResult.ulData1 and the first transformation result rtResult.ulData2 together form the scrambled result rtResult.
In this embodiment the transformation is H(rtResult.ulData1 + rtValue)_32: the pseudo-random number rtResult.ulData1 is added to the validation value rtValue, the HASH transformation is applied to the sum, and the first 32 bits of the HASH result are taken as an unsigned integer.
It will be understood that the input data of the HASH transformation can be handled in two ways: first, the 32-bit integer rtResult.ulData1 + rtValue is treated as a 4-byte character string; second, the value of the 32-bit integer rtResult.ulData1 + rtValue is converted into a character string.
Step S13: the comparing unit compares the validation value rtValue and judges whether it is a predetermined value. If so, verification has passed and step S14 is executed; if not, verification has failed and verification-failure handling is performed: the software exits, or some of its functions are masked so that it runs in limited mode.
Step S14: allow the software to run and carry out its business processing, and start the timer. The timer period can be chosen according to the characteristics of the software's runtime environment.
Step S15: judge whether the timer has reached the predetermined period; if so, proceed to step S16; if not, no operation is performed and the normal operation of the software is not affected.
Referring also to Fig. 6, in step S16 the scrambled result is checked when the timer reaches the predetermined period. The check proceeds as follows. First, the scrambled result is read from the scrambled-result storage unit. A transformation is then applied to generate the second transformation result H(rtResult.ulData1 + 1)_32: the pseudo-random number rtResult.ulData1 is incremented by 1, the HASH transformation is applied to the result, and the first 32 bits of the HASH result are taken as an unsigned integer. Next, the second transformation result H(rtResult.ulData1 + 1)_32 and the first transformation result rtResult.ulData2 are combined by bitwise XOR, generating the check result H(rtResult.ulData1 + 1)_32 ^ rtResult.ulData2. Finally, whether the check passes is decided by judging whether the check result is a predetermined value: if the check passes, return to step S15; if not, the software exits or carries out limited operation.
In this embodiment it is specified that the scrambled-result check fails only when the protected validation value rtValue is 1. Therefore, if the final check result is 0, the protected validation value is 1, which means the scrambled-result check does not pass.
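The scrambling of Fig. 5 and the timed check of Fig. 6 can be written out as follows. This is an added example, not code from the patent: SHA-256 as the HASH, the byte orders, the 32-bit wrap-around of the sum, the loop that stands in for the timer, and all function names are assumptions.

```python
import hashlib
import secrets
from dataclasses import dataclass

MASK32 = 0xFFFFFFFF
FAIL_VALUE = 1  # in the embodiment, rtValue == 1 is the only value whose check fails


def h32(x, as_text=False):
    """H(x)_32: hash a 32-bit integer and keep the first 32 bits of the digest.

    as_text=False hashes x as a 4-byte string, as_text=True hashes its decimal
    digits (the two input treatments the description allows). SHA-256 and the
    byte orders are assumptions: the patent only says "HASH".
    """
    x &= MASK32  # assumption: the sum wraps like a 32-bit unsigned integer
    raw = str(x).encode("ascii") if as_text else x.to_bytes(4, "little")
    return int.from_bytes(hashlib.sha256(raw).digest()[:4], "big")


@dataclass
class ScrambledResult:
    ul_data1: int  # first storage area: the pseudo-random number
    ul_data2: int  # second storage area: the first transformation result


def scramble(rt_value, as_text=False, rand=None):
    """Step S12 and Fig. 5: store r and H(r + rtValue)_32."""
    r = secrets.randbits(32) if rand is None else rand & MASK32
    return ScrambledResult(r, h32(r + rt_value, as_text))


def check(res, as_text=False):
    """Step S16 and Fig. 6: return True when the check passes."""
    second = h32(res.ul_data1 + 1, as_text)  # second transformation result
    check_result = second ^ res.ul_data2     # bitwise XOR with the first
    return check_result != 0                 # 0 means rtValue was 1: fail


def run_protected(rt_value, periods, startup_compare=None):
    """Steps S12-S16, with each timer expiry simulated by one loop iteration."""
    if startup_compare is None:
        startup_compare = lambda v: v != FAIL_VALUE  # step S13 as designed
    res = scramble(rt_value)
    if not startup_compare(rt_value):
        return "refused at startup"
    for period in range(1, periods + 1):  # steps S14 and S15
        if not check(res):                # step S16
            return f"stopped at period {period}"
    return "still running"


if __name__ == "__main__":
    OK_VALUE = 0  # constructed: any value other than 1 stands for "verified"
    print(run_protected(OK_VALUE, 3))
    print(run_protected(FAIL_VALUE, 3))
    # The prior-art weakness described in the background: a startup comparison
    # that always reports a pass. The timed check still sees rtValue == 1.
    print(run_protected(FAIL_VALUE, 3, startup_compare=lambda v: True))
```

Both sides of the check must use the same input treatment (`as_text`) or the XOR no longer cancels for rtValue = 1.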
The above is only a preferred embodiment of the present invention. It should be pointed out that those skilled in the art can make a number of improvements and refinements without departing from the principle of the invention, and such improvements and refinements shall also be regarded as falling within the scope of protection of the present invention.

Claims (10)

1. A software protection method, characterized in that it comprises the steps:
1) when the software starts, generating a validation value, and generating a scrambled result from the validation value;
2) judging whether verification passes; if so, proceeding to step 3); if not, the software is not allowed to run, or only limited operation of the software is carried out;
3) running the software and starting a timer;
4) judging whether the timer has reached the predetermined period; if so, proceeding to step 5); if not, no operation is performed;
5) checking the scrambled result and judging whether the check passes; if so, returning to step 4); if not, exiting the software or carrying out limited operation of the software.
2. The software protection method according to claim 1, characterized in that in step 1), generating the scrambled result specifically comprises:
11) generating a pseudo-random number;
12) using the pseudo-random number to transform the validation value, generating a first transformation result.
3. The software protection method according to claim 2, characterized in that step 12) specifically comprises adding the pseudo-random number to the validation value and applying a hash transformation to the sum.
4. The software protection method according to claim 3, characterized in that the hash transformation result is taken as a character string, or the value of the hash transformation result is converted into a character string, and that character string is the first transformation result.
5. The software protection method according to claim 2, characterized in that step 5) specifically comprises:
51) applying a transformation to the scrambled result, generating a second transformation result;
52) obtaining a check result from the first transformation result and the second transformation result;
53) judging whether the check result is a predetermined value.
6. The software protection method according to claim 5, characterized in that the transformation in step 51) is a hash transformation, and in step 52) the first transformation result and the second transformation result are combined by bitwise XOR.
7. The software protection method according to claim 1, characterized in that in step 2), judging whether verification passes consists of judging whether the validation value is a predetermined value, or of checking the scrambled result.
8. The software protection method according to any one of claims 1 to 7, characterized in that before step 1) the method further comprises selecting a scrambled-result storage unit.
9. A software protection device for implementing the software protection method of claim 1, comprising:
a validation value generation unit, used to generate a validation value when the software starts;
a comparing unit, used to compare whether the validation value is a predetermined value;
characterized in that it further comprises:
a scrambled-result generation unit, used to generate the scrambled result from the validation value;
a timer, used to trigger the check unit while the software is running;
a check unit, used to check the scrambled result at software startup or when the timer reaches the predetermined period.
10. The software protection device according to claim 9, characterized in that the validation value generation unit and the comparing unit are integrated into one.
CNB2004100310625A 2004-04-12 2004-04-12 Software protecting method and device Expired - Fee Related CN100340937C (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CNB2004100310625A CN100340937C (en) 2004-04-12 2004-04-12 Software protecting method and device

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CNB2004100310625A CN100340937C (en) 2004-04-12 2004-04-12 Software protecting method and device

Publications (2)

Publication Number Publication Date
CN1684017A (en) 2005-10-19
CN100340937C (en) 2007-10-03

Family

ID=35263382

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2004100310625A Expired - Fee Related CN100340937C (en) 2004-04-12 2004-04-12 Software protecting method and device

Country Status (1)

Country Link
CN (1) CN100340937C (en)


Also Published As

Publication number Publication date
CN100340937C (en) 2007-10-03


Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20071003

Termination date: 20170412
