CN101106771A - Mobile phone software encryption and verification method - Google Patents
Mobile phone software encryption and verification method Download PDFInfo
- Publication number
- CN101106771A CN101106771A CNA2006101014670A CN200610101467A CN101106771A CN 101106771 A CN101106771 A CN 101106771A CN A2006101014670 A CNA2006101014670 A CN A2006101014670A CN 200610101467 A CN200610101467 A CN 200610101467A CN 101106771 A CN101106771 A CN 101106771A
- Authority
- CN
- China
- Prior art keywords
- active coding
- software
- mobile phone
- phone software
- user
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Landscapes
- Storage Device Security (AREA)
Abstract
The invention provides an encryption and authentication method for mobile phone software, which can prevent J2ME software from being applied by an invalid user via a special software encryption and authentication method. The method includes the steps: a. adding a plurality of activation codes into class files of binary distribution package of mobile phone software; b. setting authorization of the mobile phone software by using the added activation codes; c. identifying validity of the activation codes after the mobile phone software is started up; d. obtaining the unique identifier of the mobile phone user when the activation codes are invalid; e. sending request to a server by using the obtained unique identifier of user to obtain an updated activation code; and f. returning the updated activation code and/or an updated authorization to the mobile phone if the server defines that the unique identifier of user is the right one.
Description
Technical field
Present invention relates in general to the numerical protection method of cell phone software.Specifically, the present invention relates to the protection of J2ME (Java 2 Micro Edition) cell phone software, can prevent that J2ME software from being used by the disabled user by specific software cryptography and verification method.
Technical background
For ease of describing and understanding the present invention, now provide being explained as follows of the noun of being correlated with in the prior art:
OTA:Over The Air, promptly aerial, wireless mode
J2ME:Java 2 Micro Edition promptly are fit to the Java that small hand-held system (comprising portable terminal) uses
MIDP:Mobile Information Device Profile, Mobile Information Device Profile is the technical specification of J2ME, two versions is arranged at present, i.e. MIDP1.0 and MIDP2.0.MIDP2.0 is the upgraded version of MIDP1.0, backward compatible MIDP1.0 standard
JAR:Java Archive, the Java APMB package
KVM: K word assistant warden java virtual machine, the Java Virtual Machine of mini-plants such as mobile phone, at the less fact of this kind equipment internal memory, the internal memory that it needs is a unit with kilobytes (k)
The Java file: the java source code file is extension name usually with .java
The Class file: the java binary executable after the compiling, operate on the java virtual machine, be extension name usually with .class
Bytecode (bytecode): refering in particular to the binary executable code that comprises in the class file, is the combination of java virtual machine instructions
Class (class): be the base unit of functional module in the Java language, comprise several Java Method.In the binary system issue bag after compiling, the corresponding class of each class file
The MIDlet:MIDlet class is the superclass (parent) of the inlet class of all J2ME softwares.Sometimes also use the MIDlet term to refer to a J2ME software
Java Method:Java method, it is the base unit of logical combination in the Java language, be commonly referred to function f unction or process procedure in other programming language (as C and Pascal), in the class file after compiling, bytecode also is that unit makes up and exists with method
Compiling: source file is converted to the process of executable code, refer in particular to conversion hereinafter from the java source code to the class file
Decompiling: binary executable is reduced into the transfer process of source code, refers in particular to conversion hereinafter from the class file to the java source file
Pre-verification (preverify): use the class file after the Java compiler compiles to pass through pre-checking treatment, class file after the processing could correctly be written into operation by KVM, J2ME has alleviated the burden of KVM on the one hand with pre-verification scheme, has still guaranteed the correctness of class file on the one hand.
Obscure (obfuscate): a kind of binary executable is handled; under the prerequisite of reprogramming operation logic not; by debugging and the supplementary in the deletion execute file; revise variable, method name; change means such as pack arrangement; the source code readability that executable file decompiling after feasible the processing obtains descends greatly, thereby reaches the method for protection developer intellectual property.
The J2ME technology is proposed by U.S. sun company, and being intended to provides transplantable java extension mechanism for small hand-held wireless devices such as mobile phones.From then on technology proposes the time passed through several years till now, has obtained cell phone manufacturer, operator, software developer's extensive support.At present, we can say that the mobile phone of supporting J2ME is universal in worldwide.Yet, there is survey data to show, in the Java of China cellphone subscriber, only have an appointment 30% for downloading the J2ME application and playing and pay, most of user uses pirate cell phone software.This is because J2ME software makes that application is easy to crack very much, and is difficult to illegal propagation is control effectively owing to its geneogenous security flaw.The illegal propagation phenomenon of J2ME software is not only to occur in China, is faced with similar situation abroad yet.
Situation at a large amount of bootleggings of J2ME software quilt and use, OMA international organization (OpenMobileAlliance.org) has proposed (the Digital RightsManagement of the DRM on the wireless device, digital copyright management) scheme is used for preventing that J2ME software from illegally being propagated.DRM is content (picture, the tinkle of bells, theme, recreation, application ...) and rights of using separate, people pay to the right to use rather than content itself are paid.Yet the scheme of OMA needs the special support of hardware, that is to say the existing terminal that can't be applicable to the huge radix of possessing on the market.
Fig. 1 is the schematic diagram of a kind of method for protecting software based on the DRM scheme of prior art.This method for protecting software is proposed by more external companies (such as Wi-software).According to the method, by certain technological means, in J2ME software, add some Authority Verification codes automatically.Therefore the user will, have only the user who has passed through the authority detection just can have access to real content earlier through the detection of authority before having access to real content.As shown in Figure 1, carry out the authority detection, have only and passed through the authority detection, just can have access to the software main logic by embed the legitimate verification logic in inlet class (MIDlet).
Yet, be that this method for protecting software based on the DRM scheme of representative still exists weak point with Wi-software.For domestic consumer, it can play some and prevent the illegal purpose of propagating and using, but, for veteran cracker, such as grasped the technical staff who necessarily cracks technology, might crack by the means of " decompiling-erase right detection of code-recompilate-repack " such medelling.For such technical staff, be that this method for protecting software based on the DRM scheme of representative does not just have due anti-deciphering effect with Wi-software.
Fig. 2 is a kind of method for protecting software based on registration code of prior art.This method is by some software developers on stream, the software of developing for preventing is illegally used in the future, in program artificial adding the registration code authentication mechanism, require the user must buy the repertoire that a legal registration code or sequence number could access software.As shown in Figure 2, in the software main logic, add the registration code verifying logic.Like this, when running software, will carry out the registration code verifying logic, the user must use registration code or the sequence number of buying separately, could pass through the registration code verifying logic, and then the repertoire of access software.
Yet because the restriction of cell phone software technology platform, registration code can't be realized binding with mobile phone terminal.That is to say that the user of some malice after can obtaining a legal registration code fully propagates its copy with software.Therefore this scheme can't prevent effectively that equally software from illegally being propagated and use, thereby can not effectively protect software developer's software development achievement.And furtherly, the method that experienced cracker can say according to the front equally navigates to the registration Validation Code, repacks issue with this code deletion or after distorting.
Thus, need provide a kind of better method for protecting software, to prevent that J2ME software from being propagated and use so that modes such as network download are illegal.
Summary of the invention
The present invention is devoted to solve above-mentioned problems of the prior art.An object of the present invention is to provide a kind of J2ME method for protecting software, use java class deformation technology, provide reliable numerical protection cell phone software by directly the binary system issue bag (JAR bag) of cell phone software being carried out encryption.
According to the present invention, use java class deformation technology, directly the binary system issue bag (JAR bag) to cell phone software carries out encryption.Protected JAR bag after the processing remains a legal J2ME program, can normal mounting on the mobile phone terminal.But protected JAR bag the active coding that is provided by server is provided could normally moves, and its can initiate request to upgrade active coding from the trend server.
According to an aspect of the present invention, provide a kind of mobile phone software encryption and verification method, comprised step: added a plurality of active codings in a plurality of class files of a. in the binary system issue bag of cell phone software; B. the active coding of use adding is provided with the rights of using to cell phone software; C. after cell phone software is activated, check the validity of active coding; D. under active coding is invalid situation, obtain cellphone subscriber's unique identification; E. utilize the user's unique identification that is obtained, send request to server, to obtain the active coding of renewal; If judge that with the f. server user's unique identification is correct, then return the active coding of renewal and/or the rights of using of renewal to mobile phone.
According to another aspect of the present invention, provide a kind of mobile phone software encryption and verification method, comprised step: added a plurality of active codings in a plurality of class files of a. in the binary system issue bag of cell phone software; B. the active coding of use adding is provided with the rights of using to cell phone software; C. after cell phone software is activated, check the validity of active coding; D. under active coding is invalid situation, send request to server, to obtain the active coding of renewal; Unique identification with e. server identification cellphone subscriber judges whether to be validated user according to unique identification, and is being judged as under the situation of validated user, returns the active coding of renewal and/or the rights of using of renewal to mobile phone.
Method for protecting software of the present invention separates the content and the right to use, can propagate arbitrarily through the content of encrypting, but must obtain could use this content after the suitable right to use, comprises the necessary data that content is decrypted in the rights of using object.
J2ME software cryptography of the present invention and verification method can be applicable to that all support the terminal equipment of J2ME on the market based on existing hardware platform and software specifications.Owing to the invention enables software is cracked very difficulty, therefore can prevent effectively that J2ME software from illegally being used, thereby effectively containment is pirate.
The present invention also can be fully based on existing hardware platform and software specifications and move.Therefore of the present invention also have be easy to realize, advantage that cost is low, the also copyright of reliably protecting J2ME software when containment is pirate.
Description of drawings
The present invention is described in detail by the reference accompanying drawing, and above-mentioned and other advantage of the present invention, feature will be clearer.In the accompanying drawing:
Fig. 1 is the schematic diagram of a kind of method for protecting software based on the DRM scheme of prior art;
Fig. 2 is the schematic diagram of a kind of method for protecting software based on the registration code scheme of prior art;
Fig. 3 is the block diagram of software cryptography of the present invention and verification method;
Fig. 4 is the flow chart of active coding check of the present invention and renewal;
Fig. 5 is the active coding check of Fig. 4 and the particular flow sheet of the check active coding validity in the renewal process; With
Fig. 6 is the active coding check of Fig. 4 and the particular flow sheet that obtains user's unique identification (ID) in the renewal process.
Embodiment
Fig. 3 is the block diagram of software cryptography of the present invention and verification method.Software cryptography of the present invention and verification method use java class deformation technology, directly a plurality of classes (Class) file in the binary system issue bag (JAR bag) of cell phone software are carried out encryption.As shown in Figure 3, functional module A-D is the class file in the JAR bag, and all or part of functional module among the functional module A-D is encrypted.In the present invention, this encryption can realize by adding the active coding Validation Code.Yet the present invention is not limited in this mode, also can realize as the encryption that produces at random by adding other password.
Protected JAR bag after the processing remains a legal J2ME program, can normal mounting on the mobile phone terminal.But protected JAR bag the whole active codings that provided by server is provided could normally moves, and its can upgrade active coding from the trend server requests.
According to the present invention, the active coding verifying logic of adding is not that simple concentrating is present in a fixing position, but may reside among the Java Method of a plurality of class files, even spreads all over the Java Method of all class files.Because active coding of the present invention produces logic fully at server end, the cracker can't derive active coding according to encrypted content and produce algorithm.
According to the present invention, the active coding that is added not is effectively permanent.The present invention distributes the date and time restriction for the active coding that is added.For example, active coding is preceding effectively on certain date (as on December 31st, 2006).Perhaps, active coding is effective in several hours~several days time.Certainly, be not what fix for the restriction of date and time, but can in realizing process of the present invention, select according to actual conditions.
According to the present invention, rights of using exist with the form of active coding, and active coding is only effective in certain date or time limited field.For example, the active coding verifying logic of embedding can the using system date as an input of checking computing, active coding must could pass through to verify with the system data coupling.Using with unmatched active coding of date to cause program that unpredictable mistake takes place.For example, protected J2ME program will be upgraded active coding from the trend server requests when moving for the first time every day.Certainly, interval from active coding to server requests that upgrade is not limited to one day, and can be several hours, several days or longer date.
According to the present invention, rights of using can also limit by the regulation access times.For example, can set the access times of a regulation to the active coding verifying logic that embeds, every regular hour (as one day or several hours) excessively, then number of times subtracts 1.When number of times reduced to 0, active coding became invalid, must upgrade active coding and could continue to use software.The present invention is not limited at a certain time interval (as one day or several hours) to the qualification of number of times and is used as the chronomere that number of times successively decreases, and the present invention also can be set at number of times each software startup and then subtract 1.
The present invention can adopt binary data as active coding.Because binary data does not have readability, therefore be difficult to be made a copy of and propagate.In addition, because the present invention is provided with date and/or time restriction to active coding, therefore, under the relatively shorter situation of date or time, make the behavior of propagating active coding lose meaning.
In addition, the present invention also is not limited to only add password (or active coding) in the class file of JAR bag, but the inlet class (MIDlet) that the present invention can wrap JAR, software main logic, each functional module are all as the object of encrypting.As shown in Figure 3, active coding of the present invention can be added among inlet class (MIDlet), software main logic and a plurality of functional module A-D simultaneously.
The check of active coding and new technological process more
The active coding check that the present invention embeds in JAR bag and more new logic can represent with the flow chart of following Fig. 4-Fig. 6.
Fig. 4 is the flow chart of active coding check of the present invention and renewal.The present invention uses the class deformation technology to add active coding check and new logic more in client (just JAR bag).And, provide a corresponding server end program at server end, in order to produce legal active coding and to provide active coding to it according to the request of client.Server can be controlled completely to the generation and the granting of active coding, and then realizes various tariff mode.
As shown in Figure 4, after the J2ME software on the mobile phone is activated, at step S1, the validity of programmed check active coding.If active coding is effective, then directly enter the software main logic.Become invalidly if in step S1, judge active coding, then obtained user's unique identification (ID) at step S2.At step S3, mobile phone sends request to server, to obtain the active coding of renewal.In response to this request, at step S4, server returns the active coding of renewal and the rights of using of renewal judging under the correct situation of user's unique identification.The use claim of this renewal can be the time or date restriction of upgrading, and also can be available number of times restriction.At step S5, mobile phone is preserved user ID, the active coding of renewal and the rights of using of renewal.
Fig. 5 is the active coding check of Fig. 4 and the particular flow sheet of the check active coding validity in the renewal process.As shown in Figure 5, at step S11, at first judge whether to exist active coding.If being active coding, judged result do not exist, active coding invalid ("No") then, and program enters the step S2 of Fig. 4, to obtain new active coding.Exist if in step S11, judge active coding,, judge further whether current active coding rights of using are effective, promptly judge whether before the use date of regulation or within the official hour length or within the available number of times of regulation then at step S12.If judged result be active coding invalid ("No"), then enter the step S2 of Fig. 4, to obtain new active coding to server requests.If it is effective to judge the rights of using of active coding in step S12, promptly, then available number of times is subtracted 1, and enter the software main logic before the use date of regulation or within the official hour length or within the available number of times of regulation.
In the embodiment of Fig. 5, if set rights of using are available number of times, then the available number of times that is judged as active coding greater than 0 situation under, available number of times is subtracted 1, and enters the software main logic.
Fig. 6 is the active coding check of Fig. 4 and the particular flow sheet that obtains user's unique identification (ID) in the renewal process.As shown in Figure 6, at step S21, mobile phone is written into user's unique identification from this locality.This user's unique identification can be the password of phone number or setting, also can be the unique ID that is embedded in the JAR bag in advance by the present invention.If successfully obtain user's unique identification, then enter the step S3 of Fig. 4, with the active coding of further acquisition renewal.If the step S21 at Fig. 6 does not obtain user's unique identification, then input its unique identification (as cell-phone number or password) step S22 request user.At step S23, whether the sign that the mobile phone inspection user is imported is effective.If effectively, then enter the step S3 of Fig. 4, with the active coding of further acquisition renewal.If invalid, then return step S22.
In Fig. 6, whether mobile phone is effective in the sign of step S23 inspection user input.Yet, the present invention is not limited to this, mobile phone can just send to server side without check with the unique identification of user's input, and judge whether to be effectively user's unique identification, and when being judged as effective user's unique identification, return the active coding of renewal and new rights of using to mobile phone by server side.
Top flow process has been described a kind of universal scheme, and for Mobile Network Operator, because they can directly obtain user's unique identification (phone number) according to the network requests of mobile phone, can omit so obtain the process of the unique ID of user, flow process can also be simplified more like this.In this case, server identification cellphone subscriber's unique identification judges whether to be validated user according to unique identification, and is being judged as under the situation of validated user, returns the active coding of renewal and/or the rights of using of renewal to mobile phone.In this case, except the primary network request (for the consideration of secure context, after needing the user to confirm usually, Java Runtime Environment on the mobile phone just allows Java softward interview network, this point is different with the PC online), other process does not need fully with user interactions, more transparent to the user, user's experience is better.
An example of active coding verifying logic
Embedded the active coding verifying logic among a plurality of Java Method of the present invention each class in the JAR bag, cracked difficulty with raising.In one embodiment of the invention, active coding and date on same day coupling.In this case, the code of adding is a simple expression formula checking, and its logic can be with following false code approximate representation:
If (the timing code on<same day〉<computing〉<the method feature sign indicating number 〉)!=<method active coding 〉)
return;
}
Wherein:
A.<same day timing code be this Time of Day numeral through computing, require in these in a few days any two moment, computing obtains<same day timing code equate that and in two moment neither waiting arbitrarily in the date, the timing code of computing acquisition does not then wait;
B.<computing be add, subtract, arithmetic or logical operation such as XOR;
C.<and the method feature sign indicating number〉add a feature numeral relevant with ad hoc approach by the present invention.Server end writes down all feature numerals, and the active coding of generation and its coupling;
D.<and the method active coding〉be the part (one or more elements of array) from the active coding that server end obtains.
In actual applications, software cryptography of the present invention and verification method also adopt following means to reduce the feature of inserting code, write to prevent that the cracker from touching out that computer program is auxiliary to be cracked after certain rules or the pattern:
1. handle at random<same day timing code〉or<the method active coding〉first assignment gives local variable, re-uses local variable and participates in the expression formula checking, and the virtual machine instructions that uses in the Validation Code of Sheng Chenging is different like this;
2. utilize addition, XOR, logic relatively to wait computing to satisfy the characteristic of exchange rate, each position in the change expression formula at random;
3. be not to add a position to inserting in the code set, but the insertion virtual machine instructions of looking for some positions to disperse at random in the front portion of Method;
4. use several diverse ways to obtain system time and computing<same day timing code at random 〉;
5. the static variable of using in the expression formula checking, at random, being distributed in each class of disperseing.
What time combine above, select for use at random, extremely difficult common trait or the pattern of finding out each pass point in the bytecode of the final class file that produces, so coding like this cracks automatically hardly may.Because active coding of the present invention produces logic fully at server end, the cracker also can't derive active coding according to encrypted content and produce algorithm.For the people who attempts to crack, he must find all encrypted locations, and makes amendment one by one on the binary system byte sign indicating number of all encryption methods, as long as the place that has one or two place to omit will cause taking place in the program running unpredictable mistake.Simultaneously, the present invention can also carry out targetedly " anti-decompiling " to the class file and handle, most class files after the processing all can not be by main flow decompiler (jad, jode etc.) decompiling fully makes the simple crack method of " decompiling---modification---recompility " thoroughly lose efficacy.
In this embodiment of the present invention, for example, can the using system date or time as an input of checking computing, active coding must could pass through to verify with the system date and time coupling.Using with the unmatched active coding of date or time to cause program that unpredictable mistake takes place.For example, every preset time (such as one day), protected J2ME program will be upgraded active coding from the trend server requests.
The control of server end
The basic duty of server end is: the update request of response cell phone software, checking request legitimacy generates active coding, and provides active coding according to tariff mode and user's relation of ordering.Server end is more flexible, can expand accordingly according to real needs.
Protected J2ME software can comprise following parameter in the active coding update request that server is initiated:
1. the unique number of software, server end uses this to number to determine the tariff mode of this software;
2. user's unique identification (cell-phone number/password), server end uses this to identify the relation of ordering of discerning validated user and safeguarding this user;
3. initiate request mobile phone local zone time constantly, because may there be certain error in the time of mobile phone with server time, so server uses this time to determine the margin of error.
Whether server end can be selected normally to respond according to above parameter:
1. user's unique identification correct (cell-phone number and password coupling), and user has the relation of effectively ordering to software, then normally provides active coding;
2. user's unique identification mistake (cell-phone number and password do not match) is refused to respond;
3. the user does not effectively order relation to software, and refusal is responded;
4. too much in the same position user one day to the active coding request number of times, think that then this user's unique identification is illegally propagated, can refuse to respond;
5. mobile phone time in the request and server time phase difference too much (such as 1 day) have then been thought user's malicious modification the cell phone system time, can refuse to respond;
Server end comprises following content in the data that protected J2ME software is responded:
1. conditional code, normal or mistake is for this coded representation error code of the situation of makeing mistakes;
2. new active coding;
3. new available number of times uses available number of times can realize the metering tariff mode.
Software cryptography of the present invention and verification method have following technological merit:
1. can be fully realize, do not need the special support of equipment, applicable to most terminals on the market based on the MIDP1.0 technical specification.
2. software cryptography of the present invention and verification method have been continued to use the thought of digital copyright management, that is: the content and the right to use are separated, can propagate arbitrarily through the content of encrypting, but must obtain to use this content after the suitable right to use, comprise the necessary data that content is decrypted in the rights of using object.The present invention has fully taken into account the limitation of existing hardware platform and software engineering, and the various means that crack have all been designed corresponding countermeasure.The present invention is perfect, reliable, healthy and strong DRM solution, peeling off of the rights of using success of content itself and content.Content is encrypted, can propagate in any way, can normal mounting, and could normal operation but must obtain suitable rights of using from server end.And rights of using also can be used multiple mode, be sold by multiple channel.Can realize that with service time and access times be unit, very flexibly the rate control model.
3. by technological means, directly final binary executable (.class file) is encrypted.The developer needn't consider Copyright Protection fully in development process, and can all put into energy in the exploitation of content.
Active coding more new technological process (for example, only taking place once in one day) regularly takes place, very little to the influence of user experience.And the active coding Validation Code that adds is minimum to the performance impact of software.
5. the code of Jia Ruing is simplified very much, and is very little to the influence that software issue inclusion is long-pending, and can control by the quantity that changes pass point,
In sum, software cryptography of the present invention has been carried out the content of software itself effectively to separate with its rights of using with verification method, and copy is free to propagate, and could normally use with corresponding rights of using but must obtain suitable active coding.The generation of active coding and the granting of authority are then fully by server controls, safely and reliably.The characteristic that the invention enables wireless softwares such as J2ME to be easy to propagate no longer becomes software developer's enemy, on the contrary, becomes the strong approach that they open up a market.
Though describe the present invention with reference to specific embodiment above, clearly, under the prerequisite that does not break away from main spirit of the present invention and category, can carry out various modifications and change to these embodiment.So, should be interpreted as specification and accompanying drawing illustrative rather than restrictive.
Claims (14)
1. mobile phone software encryption and verification method comprise step:
A. add a plurality of active codings in a plurality of class files in the binary system issue bag of cell phone software;
B. the active coding of use adding is provided with the rights of using to cell phone software;
C. after cell phone software is activated, check the validity of active coding;
D. under active coding is invalid situation, obtain cellphone subscriber's unique identification;
E. utilize the user's unique identification that is obtained, send request to server, to obtain the active coding of renewal; With
If f. server judges that user's unique identification is correct, then return the active coding of renewal and/or the rights of using of renewal to mobile phone.
2. mobile phone software encryption and verification method comprise step:
A. add a plurality of active codings in a plurality of class files in the binary system issue bag of cell phone software;
B. the active coding of use adding is provided with the rights of using to cell phone software;
C. after cell phone software is activated, check the validity of active coding;
D. under active coding is invalid situation, send request to server, to obtain the active coding of renewal; With
E. server identification cellphone subscriber's unique identification judges whether to be validated user according to unique identification, and is being judged as under the situation of validated user, returns the active coding of renewal and/or the rights of using of renewal to mobile phone.
3. method as claimed in claim 1 or 2, wherein,
If the judged result of described step c is that active coding is effective, then mobile phone is normally started and is entered normal operating condition.
4. method as claimed in claim 1 or 2, wherein,
The rights of using of described cell phone software are for using the date restriction.
5. method as claimed in claim 1 or 2, wherein,
The rights of using of described cell phone software are restriction service time.
6. method as claimed in claim 1 or 2, wherein,
The rights of using of described cell phone software are the available number of times restriction of cell phone software, and when each cell phone software was activated, predetermined available number of times subtracted 1.
7. method as claimed in claim 1 or 2, wherein,
Described active coding is binary data or text data.
8. method as claimed in claim 1 or 2, wherein, in step a,
Also wrap into mouthful class and add an active coding, and the active coding of insertion can be the insertion virtual machine instructions of dispersion that is arranged in a plurality of positions of class file in the issue of the binary system of cell phone software.
9. method as claimed in claim 1 or 2, wherein,
Active coding and date on same day coupling, the active coding of its adding can be with following false code approximate representations:
If (the timing code on<same day〉<computing〉<the method feature sign indicating number 〉)!=<method active coding 〉)
return;
}
Wherein:
A.<same day timing code be this Time of Day numeral through computing, require in these in a few days any two moment, computing obtains<same day timing code equate that and in two moment neither waiting arbitrarily in the date, the timing code of computing acquisition does not then wait;
B.<computing be add, subtract, arithmetic or logical operation such as XOR;
C.<and the method feature sign indicating number〉be a feature numeral relevant with ad hoc approach, server end writes down all feature numerals, and the active coding of generation and its coupling;
D.<and the method active coding〉be the part from the active coding that server end obtains, i.e. one or more elements of array.
10. method as claimed in claim 1 or 2, wherein,
The cellphone subscriber's who is obtained in described step (d) unique identification is the usemame/password of phone number or user's setting or the unique identification that embeds binary system issue bag in advance.
11. method as claimed in claim 1 or 2, wherein, described step c comprises:
C1. judge whether there is active coding in the cell phone software, and be to carry out described steps d under the non-existent situation of active coding in judged result;
If c2. the judged result of step c1 is that active coding exists, judges then whether the rights of using of current active coding are effective, and under the rights of using of current sharp sign indicating number are invalid situation, carry out described steps d.
12. the method for claim 1, wherein
In described steps d, described user's unique identification can be written into from mobile phone this locality or be imported or obtained from the network requests of mobile phone by the user.
13. method as claimed in claim 12 wherein, comprises to the request that server sent:
The unique number of cell phone software;
User's unique identification; With
Initiate request mobile phone local zone time constantly.
14. method as claimed in claim 13, wherein, whether described server is correct according to the included data of described request, determines whether to generate the active coding and the corresponding rights of using of renewal.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006101014670A CN100515134C (en) | 2006-07-10 | 2006-07-10 | Mobile phone software encryption and verification method |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2006101014670A CN100515134C (en) | 2006-07-10 | 2006-07-10 | Mobile phone software encryption and verification method |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101106771A true CN101106771A (en) | 2008-01-16 |
| CN100515134C CN100515134C (en) | 2009-07-15 |
Family
ID=39000398
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2006101014670A Expired - Fee Related CN100515134C (en) | 2006-07-10 | 2006-07-10 | Mobile phone software encryption and verification method |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100515134C (en) |
Cited By (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010130125A1 (en) * | 2009-05-14 | 2010-11-18 | 中兴通讯股份有限公司 | Method and apparatus for realizing application right control of mobile terminal |
| CN102480724A (en) * | 2010-11-30 | 2012-05-30 | 国民技术股份有限公司 | Software authentication data card, software authentication system and software authentication method |
| CN101699819B (en) * | 2009-11-13 | 2012-07-25 | 中国电信股份有限公司 | Method and system for managing digital rights |
| CN105791388A (en) * | 2016-01-13 | 2016-07-20 | 四川长虹电器股份有限公司 | Vehicular product remote activation method of internet of vehicles system |
| CN106657137A (en) * | 2017-01-17 | 2017-05-10 | 腾讯科技(上海)有限公司 | Software product legitimacy verification method, apparatus and system |
| CN107256348A (en) * | 2017-04-28 | 2017-10-17 | 福建天晴在线互动科技有限公司 | Active coding gets method and its system |
| CN107368297A (en) * | 2017-06-19 | 2017-11-21 | 上海顶羽网络科技有限公司 | A kind of method for generating application code |
| CN109564598A (en) * | 2017-03-13 | 2019-04-02 | 华为技术有限公司 | A kind of endpoint detection methods and terminal |
| CN109567755A (en) * | 2018-12-05 | 2019-04-05 | 成都云卫康医疗科技有限公司 | A kind of management system and business model of sleep breath monitoring equipment |
| CN110413345A (en) * | 2019-07-26 | 2019-11-05 | 云湾科技(嘉兴)有限公司 | Program verification method, calculates equipment and computer storage medium at device |
| CN110661759A (en) * | 2018-06-30 | 2020-01-07 | 华为技术有限公司 | Access detection method and device |
| WO2020063328A1 (en) * | 2018-09-29 | 2020-04-02 | 欧姆龙株式会社 | Activation method, apparatus and system for programmable logic controller |
| CN113051532A (en) * | 2019-12-27 | 2021-06-29 | 施德朗(广州)电气科技有限公司 | Software authorization method and device, computer equipment and storage medium |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102446251B (en) * | 2011-08-24 | 2015-01-14 | 杭州华三通信技术有限公司 | Device activation realizing method and equipment |
-
2006
- 2006-07-10 CN CNB2006101014670A patent/CN100515134C/en not_active Expired - Fee Related
Cited By (15)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2010130125A1 (en) * | 2009-05-14 | 2010-11-18 | 中兴通讯股份有限公司 | Method and apparatus for realizing application right control of mobile terminal |
| CN101699819B (en) * | 2009-11-13 | 2012-07-25 | 中国电信股份有限公司 | Method and system for managing digital rights |
| CN102480724A (en) * | 2010-11-30 | 2012-05-30 | 国民技术股份有限公司 | Software authentication data card, software authentication system and software authentication method |
| CN105791388A (en) * | 2016-01-13 | 2016-07-20 | 四川长虹电器股份有限公司 | Vehicular product remote activation method of internet of vehicles system |
| CN105791388B (en) * | 2016-01-13 | 2019-03-22 | 四川长虹电器股份有限公司 | The long-range Activiation method of the vehicle device of car networking system |
| CN106657137A (en) * | 2017-01-17 | 2017-05-10 | 腾讯科技(上海)有限公司 | Software product legitimacy verification method, apparatus and system |
| CN109564598A (en) * | 2017-03-13 | 2019-04-02 | 华为技术有限公司 | A kind of endpoint detection methods and terminal |
| CN107256348A (en) * | 2017-04-28 | 2017-10-17 | 福建天晴在线互动科技有限公司 | Active coding gets method and its system |
| CN107368297A (en) * | 2017-06-19 | 2017-11-21 | 上海顶羽网络科技有限公司 | A kind of method for generating application code |
| CN110661759A (en) * | 2018-06-30 | 2020-01-07 | 华为技术有限公司 | Access detection method and device |
| CN110661759B (en) * | 2018-06-30 | 2021-10-01 | 华为技术有限公司 | Access detection method and device |
| WO2020063328A1 (en) * | 2018-09-29 | 2020-04-02 | 欧姆龙株式会社 | Activation method, apparatus and system for programmable logic controller |
| CN109567755A (en) * | 2018-12-05 | 2019-04-05 | 成都云卫康医疗科技有限公司 | A kind of management system and business model of sleep breath monitoring equipment |
| CN110413345A (en) * | 2019-07-26 | 2019-11-05 | 云湾科技(嘉兴)有限公司 | Program verification method, calculates equipment and computer storage medium at device |
| CN113051532A (en) * | 2019-12-27 | 2021-06-29 | 施德朗(广州)电气科技有限公司 | Software authorization method and device, computer equipment and storage medium |
Also Published As
| Publication number | Publication date |
|---|---|
| CN100515134C (en) | 2009-07-15 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100515134C (en) | Mobile phone software encryption and verification method | |
| US7734549B2 (en) | Methods and apparatus for managing secured software for a wireless device | |
| US11086972B2 (en) | Methods for controlling access to digital assets | |
| DK1479187T4 (en) | MANAGEMENT OF ACCESS LEVELS IN PHONES USING CERTIFICATES | |
| US20160364707A1 (en) | Potentate: A Cryptography-Obfuscating, Self-Policing, Pervasive Distribution System For Digital Content | |
| CN100524333C (en) | Method for preventing illegal using software | |
| KR100888594B1 (en) | Method for generating licence and method and apparatus for providing contents using the same | |
| KR100711722B1 (en) | Software authentication apparatus for mobile communication terminal and the method thereof | |
| US10678893B2 (en) | Methods and related apparatus for managing access to digital assets | |
| US20070074050A1 (en) | System and method for software and data copy protection | |
| US8307215B2 (en) | System and method for an autonomous software protection device | |
| CN109992987B (en) | Script file protection method and device based on Nginx and terminal equipment | |
| CN102685727A (en) | Method for transmitting and operating application program, system for operating application program, server and terminal | |
| CN102265283A (en) | Method and apparatus for secure software platform access | |
| CN103390122B (en) | Application program transmitting method, application program operating method, sever and terminal | |
| CN101872404A (en) | Method for protecting Java software program | |
| US9858061B2 (en) | Tamperproof installation of building control software in approved runtime environments | |
| CN101167296B (en) | Renewable and individualizable elements of a protected computing environment | |
| CN102708310A (en) | Registration code anti-piracy encryption method for computer software in batch production | |
| KR101322402B1 (en) | System and Method for Security of Application, Communication Terminal Therefor | |
| KR20140011021A (en) | Method for preventing unauthorized copying of the android platform-based applications and inserting digital watermarking in order to track the first clone | |
| Santos et al. | A generic DRM framework for J2ME applications | |
| KR100710884B1 (en) | Mobile Contents Providing System And Method Thereof | |
| Jeong et al. | Preventing execution of unauthorized applications using dynamic loading and integrity check on android smartphones | |
| Jadhav | Protecting the integrity of Android applications by employing automated self-introspection methods |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| EE01 | Entry into force of recordation of patent licensing contract |
Assignee: Chung Kai Hing cultural development (Beijing) Limited Assignor: Wang Lei Contract record no.: 2011990000828 Denomination of invention: Mobile phone software encryption and verification method Granted publication date: 20090715 License type: Exclusive License Open date: 20080116 Record date: 20110826 |
|
| C17 | Cessation of patent right | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20090715 Termination date: 20120710 |