CN107968793B - Method, device and storage medium for downloading white box key - Google Patents

Info

Publication number
CN107968793B
Authority
CN
China
Prior art keywords
key
white
box
parameter combination
generation request
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201711488538.1A
Other languages
Chinese (zh)
Other versions
CN107968793A (en)
Inventor
阚志刚
陈彪
王全洲
卢佐华
方宁
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Bangcle Technology Co ltd
Original Assignee
Beijing Bangcle Technology Co ltd

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/06 Network architectures or network communication protocols for network security for supporting key management in a packet data network
    • H04L63/068 Network architectures or network communication protocols for network security for supporting key management in a packet data network using time-dependent keys, e.g. periodically changing keys
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00 Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08 Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0891 Revocation or update of secret information, e.g. encryption key update or rekeying

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The application relates to the technical field of terminal security protection, and in particular to a method and a device for downloading a white-box key, which address the problem that keys are insecure in the prior art. The method mainly includes: submitting a key file generation request to a server; and receiving the white-box key fed back by the server according to the key file generation request, so that encryption and decryption operations can subsequently be performed according to the white-box key and the received white-box library file. The key is therefore convenient to update, and the white-box library file does not need to be updated when the key is updated, so the dynamic white-box encryption process is simplified and the security of the key is improved. This in turn improves security when the user decrypts ciphertext and encrypts plaintext.

Description

Method, device and storage medium for downloading white box key
Technical Field
The application relates to the technical field of terminal security protection, and in particular to a method, a device and a system for downloading a white box library file.
Background
With the development of terminal technology, more and more applications are installed on terminals. While using these applications, the user may generate data that the user does not want an attacker to steal, or the user may not want the execution logic of the application itself to be reverse engineered by an attacker. To secure the application and the data generated while it runs, the data often needs to be encrypted.
The conventional encryption technology is black-box encryption, which generally refers to encrypting plaintext data with an encryption algorithm in a black-box environment to obtain ciphertext data and a key. The black-box environment is a safe and reliable operating environment that is invisible to an attacker; in such an environment the attacker can obtain only the input or output of the encryption algorithm, not the key.
In recent years, intelligent terminals have become widespread. Because their operating environment is relatively open, that is, visible to attackers (commonly known as a white-box environment), black-box encryption is no longer applicable, and white-box encryption was proposed in response. White-box cryptography refers to cryptography that can resist attacks in a white-box environment. The key idea is to obfuscate the cryptographic algorithm so that an attacker cannot learn the specific algorithm flow, thereby protecting the key information, preventing the attacker from extracting the key in a white-box environment, and ensuring the security of the protected data.
In existing white-box encryption technology, a key is usually selected first, then the mapping from plaintext to ciphertext is scrambled and encoded, and the encoded result is expressed as a lookup table (also called a white-box library file), so that an attacker cannot recover the key from the lookup table. An example is the white-box AES algorithm designed by Chow et al. However, the existing white-box AES algorithm has been broken, so data in a white-box environment still faces a security threat.
Disclosure of Invention
The embodiments of the application provide a method, a device and a system for downloading a white-box key, which address the problem that keys are insecure in the prior art.
To solve this technical problem, the embodiments of the application adopt the following technical solutions:
A method of downloading a white-box key, comprising:
the client submits a key file generation request to the server;
the server determines a second code block that matches the key file generation request, runs the second code block to obtain a white-box key, and sends the white-box key to the client;
the client receives the white-box key fed back by the server, so that encryption and decryption operations can subsequently be performed according to the white-box key and the received white-box library file.
A method of downloading a white-box key, comprising:
submitting a key file generation request to a server;
receiving the white-box key fed back by the server according to the key file generation request, so that encryption and decryption operations can subsequently be performed according to the white-box key and the received white-box library file.
An apparatus for downloading a white-box key, comprising:
a client, used for submitting a key file generation request to the server and for receiving the white-box key fed back by the server, so that encryption and decryption operations can subsequently be performed according to the white-box key and the received white-box library file;
a server, used for determining a second code block that matches the key file generation request, running the second code block to obtain a white-box key, and sending the white-box key to the client.
An apparatus for downloading a white-box key, comprising:
a sending module, used for submitting a key file generation request to the server;
a receiving module, used for receiving the white-box key fed back by the server according to the key file generation request, so that encryption and decryption operations can subsequently be performed according to the white-box key and the received white-box library file.
The technical solutions adopted by the embodiments of the application can achieve at least the following beneficial effects:
With the above technical solution, the key is convenient to update, and the white-box library file does not need to be updated when the key is updated, so the dynamic white-box encryption process is simplified and the security of the key is improved. This in turn improves security when the user decrypts ciphertext and encrypts plaintext.
Drawings
The accompanying drawings, which are included to provide a further understanding of the application and are incorporated in and constitute a part of this application, illustrate embodiment(s) of the application and together with the description serve to explain the application and not to limit the application. In the drawings:
Fig. 1(a) is the first schematic flowchart of the white-box key generation method provided in the present application;
Fig. 1(b) is the second schematic flowchart of the white-box key generation method provided in the present application;
Fig. 2 is a schematic flowchart of a method for downloading a white-box key provided in the present application;
Fig. 3(a) is the first schematic flowchart of the downloading method of the white-box key provided in the present application;
Fig. 3(b) is the second schematic flowchart of the downloading method of the white-box key provided in the present application;
Fig. 4(a) is a schematic structural diagram of a white-box key generation apparatus provided in the present application;
Fig. 4(b) is a schematic structural diagram of a downloading apparatus for white-box keys provided in the present application.
Detailed Description
In order to make the objects, technical solutions and advantages of the present application more apparent, the technical solutions of the present application will be described in detail and completely with reference to the following specific embodiments of the present application and the accompanying drawings. It should be apparent that the described embodiments are only some of the embodiments of the present application, and not all of the embodiments. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present application.
The technical solutions provided by the embodiments of the present application are described in detail below with reference to the accompanying drawings.
Referring to fig. 1(a), a schematic flowchart of a white-box key generation method provided by the present application is shown. The white-box key generation method mainly includes the following steps:
Step 11: determining, according to the determined second parameter combination, a second code block matching the second parameter combination.
Optionally, in the present application, referring to fig. 1(b), step 11 is specifically performed as:
Step 111: determining a second parameter combination from the received key file generation request.
The key file generation request may be generated and submitted by the client. The key file generation request carries a second parameter combination, which includes at least three types of parameter: algorithm identifier, original key and target function.
The algorithm identifier refers to one algorithm identifier, or a combination of algorithm identifiers, among the encryption algorithms. Currently supported encryption algorithms include: the Advanced Encryption Standard (AES) algorithm, the Data Encryption Standard (DES), the Triple Data Encryption Standard (TDES) and the block cipher algorithm SM4.
The original key may be a string in hexadecimal format, though other bases are not excluded. In hexadecimal format, the key can only contain the characters A-F and 0-9. Specifically:
when the AES algorithm is selected, the original key can be a string of 32, 48 or 64 characters in length, or an array combination;
when the DES algorithm is selected, the original key can be a string of 16 characters in length, or an array combination;
when the 3DES algorithm is selected, the original key can be a string of 48 characters in length, or an array combination;
when the SM4 algorithm is selected, the original key can be a string of 32 characters in length, or an array combination.
In fact, in the present application, the second parameter combination may include, in addition to the above three types of parameters, a device binding function, that is, whether or not to add device binding. Specifically, the identifier of the client may be added to the second parameter combination. This enables the processing side of the dynamic white-box technique to provide white-box key services for a particular user.
Step 112: selecting, according to the second parameter combination, the second code block corresponding to the matched code base.
In the present application, before the white-box key is generated, the white-box library file is generated; that generation process has already been described above and is not described again here. The white-box key generation scheme has to produce a result that works together with the white-box library file, so the specific content of the first parameter combination in the application may be the same as that of the second parameter combination, apart from the parameters that differ. For example, if the AES algorithm, a platform suitable for the iOS operating system, and the encryption/decryption operation are selected in the first parameter combination, then the AES algorithm and the encryption/decryption operation may also be selected in the second parameter combination; the original key, which the first parameter combination does not contain, may be entered arbitrarily in the second parameter combination. In addition, to match the generated white-box library file, the library file identifier selected while generating the white-box library file may be sent to the client after the library file is generated, and the client may add that library file identifier to the second parameter combination when it generates the key file generation request. When the client then initiates a key file request, a suitable code base can be selected, in combination with the library file identifier, to find a suitable second code block.
Step 12: running the second code block to obtain a white-box key.
Specifically, the original key is supplied as input to the second code block, and the output is the white-box key corresponding to the original key. The white-box key is understood to be a key processed by a white-box process, and it generally exists in the form of a character string.
Through the above technical solution, dynamic white-box technology is adopted: the corresponding second code block is determined according to the second parameter combination carried in the received library file generation request, and running the second code block yields the white-box key of the dynamic white-box technology. The white-box key is very small, probably a little over 200 bytes, so the key is convenient to update. In addition, the white-box library file does not need to be updated when the key is updated, so the dynamic white-box encryption process is simplified and the security of the key is improved. Moreover, the dynamic white-box technology can configure different encryption strengths according to the user's service requirements and data processing capacity, which makes the encryption mode more flexible.
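The server-side request handling of steps 111 and 112, as an added example that is not code from the patent: it validates the second parameter combination and selects the second code block by algorithm identifier and library file identifier. The field names, target-function values, registry entries and sample key are constructed for illustration, the key lengths are read as counts of hexadecimal characters, and step 12 (the white-box transformation itself) is not shown because the description does not specify it.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Key lengths from the description, read as counts of hexadecimal characters
# (assumption: 32 characters = a 128-bit key, and so on).
KEY_HEX_LENGTHS = {"AES": {32, 48, 64}, "DES": {16}, "3DES": {48}, "SM4": {32}}
ALIASES = {"TDES": "3DES"}  # the description uses both names for triple DES

# Assumed values: the description names a "target function" without listing them.
TARGET_FUNCTIONS = {"encrypt", "decrypt", "encrypt_decrypt"}

# Constructed registry: (algorithm, library file identifier) -> second code block.
CODE_BASES = {
    ("AES", "wb-aes-ios-0001"): "aes_ios_0001.keygen",
    ("SM4", "wb-sm4-android-0007"): "sm4_android_0007.keygen",
}

HEX_RE = re.compile(r"[0-9A-Fa-f]+")  # assumption: either letter case is accepted


class RequestError(ValueError):
    """Malformed request. Messages never contain key material."""


@dataclass(frozen=True)
class KeyFileRequest:
    algorithm: str
    original_key: bytes
    target_function: str
    library_file_id: str
    client_id: Optional[str]  # set only when device binding is requested


def _text(params, name):
    """Return a required non-empty string field, naming only the field on error."""
    value = params.get(name)
    if not isinstance(value, str) or not value:
        raise RequestError(f"missing or non-string field: {name}")
    return value


def parse_request(params):
    """Step 111: extract and validate the second parameter combination."""
    algorithm = _text(params, "algorithm").upper()
    algorithm = ALIASES.get(algorithm, algorithm)
    if algorithm not in KEY_HEX_LENGTHS:
        raise RequestError("unsupported algorithm identifier")

    key_hex = _text(params, "original_key")
    if not HEX_RE.fullmatch(key_hex):
        raise RequestError("original key is not a hexadecimal string")
    if len(key_hex) not in KEY_HEX_LENGTHS[algorithm]:
        allowed = sorted(KEY_HEX_LENGTHS[algorithm])
        raise RequestError(
            f"original key length {len(key_hex)} not in {allowed} for {algorithm}")

    target = _text(params, "target_function")
    if target not in TARGET_FUNCTIONS:
        raise RequestError("unknown target function")

    # Device binding is optional; when requested, the client identifier is required.
    client_id = None
    if params.get("device_binding") is True:
        client_id = _text(params, "client_id")

    return KeyFileRequest(algorithm, bytes.fromhex(key_hex), target,
                          _text(params, "library_file_id"), client_id)


def select_code_block(request):
    """Step 112: pick the code block for this algorithm and library file."""
    try:
        return CODE_BASES[(request.algorithm, request.library_file_id)]
    except KeyError:
        raise RequestError(
            "no code base matches algorithm and library file identifier") from None


def handle_request(params):
    """Validate, select, and report the outcome without echoing the key."""
    try:
        request = parse_request(params)
        return {"ok": True, "code_block": select_code_block(request),
                "bound_to": request.client_id}
    except RequestError as exc:
        return {"ok": False, "error": str(exc)}


# Constructed sample request (the key is a dummy value, not a real secret).
SAMPLE = {
    "algorithm": "AES",
    "original_key": "00112233445566778899AABBCCDDEEFF",
    "target_function": "encrypt_decrypt",
    "library_file_id": "wb-aes-ios-0001",
}

if __name__ == "__main__":
    print(handle_request(SAMPLE))
    print(handle_request(dict(SAMPLE, algorithm="DES")))
```

Rejecting a key whose length does not fit the selected algorithm before any code block runs keeps malformed input out of the key-generation path, and the error strings report only the field name or length, never the key.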
Referring to fig. 2, a schematic flowchart of a method for downloading a white-box key provided in the present application is shown.
The downloading method is described mainly from the system perspective of a client and a white-box key server, and mainly includes the following steps:
Step 21: the client submits a key file generation request to the server.
Specifically, the client receives a selection instruction triggered by a selection operation of the user and determines the second parameter combination selected by the user. It then adds the second parameter combination to the key file generation request and submits the request to the server, where submitting is understood as sending. The key file generation request thus carries the second parameter combination, which includes at least three types of parameter: algorithm identifier, original key and target function.
These have already been described in the white-box key generation scheme above and are not described again here.
In fact, in the present application, the second parameter combination may include, in addition to the above three types of parameters, a device binding function, that is, whether or not to add device binding. Specifically, the identifier of the client may be added to the second parameter combination. This enables the processing side of the dynamic white-box technique to provide white-box key services for a particular user.
Step 22: the server determines a second code block that matches the key file generation request, runs the second code block to obtain a white-box key, and sends the white-box key to the client.
Specifically, according to the received key file generation request, the server parses the second parameter combination carried by the request, selects, from the library corresponding to the encryption algorithm, the code base matching the library file identifier carried in the second parameter combination, and determines the corresponding second code block according to the selected code base.
The original key is supplied as input to the second code block, and the output is the white-box key corresponding to the original key. The white-box key is understood to be a key processed by a white-box process, and it generally exists in the form of a character string.
Finally, the server sends the obtained white-box key to the client.
Step 23: the client receives the white-box key fed back by the server, so that encryption and decryption operations can subsequently be performed according to the white-box key and the received white-box library file.
The client receives and stores the white-box key fed back by the server, so that it can process the plaintext or ciphertext input by the user in combination with the white-box library file. This completes the downloading operation of the white box library file.
In fact, in the present application, multiple clients may initiate white box library file generation requests at the same time. In that case, different white box library file generation operations need to be performed according to the identifier of each client, and the white box library files are then sent to the clients corresponding to the respective client identifiers.
Referring to fig. 3(a), a schematic flowchart of a downloading method for a white-box key provided by the present application is shown. The downloading method is described mainly from the client side and mainly includes the following steps:
Step 31: submitting a key file generation request to the server.
Step 32: receiving the white-box key fed back by the server according to the key file generation request, so that encryption and decryption operations can subsequently be performed according to the white-box key and the received white-box library file.
Optionally, as shown in fig. 3(b), before submitting the key file generation request to the server, the method further includes:
Step 33: determining a second parameter combination selected by the user, the second parameter combination at least comprising: encryption algorithm identifier, applicable platform identifier, and target function.
Step 34: generating a key file generation request carrying the second parameter combination.
Optionally, step 32 specifically includes: receiving the white-box key fed back by the server according to the second parameter combination carried in the key file generation request.
Optionally, in this application, the white-box key is determined by:
determining, according to the determined second parameter combination, a second code block matching the second parameter combination;
running the second code block to obtain a white-box key.
Through the above technical solution, dynamic white-box technology is adopted: the corresponding second code block is determined according to the second parameter combination carried in the received library file generation request, and running the second code block yields the white-box key of the dynamic white-box technology. The white-box key is very small, probably a little over 200 bytes, so the key is convenient to update. In addition, the white-box library file does not need to be updated when the key is updated, so the dynamic white-box encryption process is simplified and the security of the key is improved. Moreover, the dynamic white-box technology can configure different encryption strengths according to the user's service requirements and data processing capacity, which makes the encryption mode more flexible. It also makes it convenient for the client to flexibly download the white-box key it needs.
Referring to fig. 4(a), a schematic structural diagram of a white-box key generation apparatus provided in the present application is shown, and the apparatus mainly includes the following functional modules:
a determining module 41a, configured to determine, according to the determined second parameter combination, a second code block matching the second parameter combination.
A processing module 42a, configured to run the second code block to obtain a white-box key, where the second parameter combination at least includes: encryption algorithm identification, original key, target function.
Optionally, the determining module 41a is specifically configured to:
determining a second parameter combination from the received key file generation request;
and selecting a second code block corresponding to the matched code base according to the second parameter combination.
Optionally, the second parameter combination further includes: the identifier of the library file selected when the white-box library file was generated;
when the determining module 41a selects the second code block corresponding to the matched code base according to the second parameter combination, the determining module is specifically configured to:
selecting a matched code library according to the identification of the library file in the second parameter combination;
determining that the code block in the matched code base is a second code block.
The processing module 42a is specifically configured to substitute an original key as an input into the second code block, and output a white-box key corresponding to the original key.
Referring to fig. 4(b), a schematic structural diagram of a white box key downloading device provided by the present application is shown, where the white box key downloading device mainly includes the following functional modules:
a sending module 41b, configured to submit a key file generation request to the server;
and the receiving module 42b is configured to receive the white-box key fed back by the server according to the key file generation request, so as to perform encryption and decryption operations subsequently according to the white-box key and the received white-box library file.
Optionally, still referring to fig. 4(b), the apparatus further comprises:
a determining module 43b, configured to determine a second parameter combination selected by the user before submitting the key file generation request to the server, and generate a key file generation request carrying the second parameter combination; the second combination of parameters includes at least: encryption algorithm identification, applicable platform identification, and target function.
Optionally, the receiving module 42b is specifically configured to receive the white-box key fed back by the server according to the second parameter combination carried in the key file generation request.
In fact, in the present application, the downloading device of the white-box key can be regarded as a system for downloading the white-box key, including: a client and a server;
the client is used for submitting a key file generation request to the server and receiving the white box key fed back by the server so as to perform encryption and decryption operations according to the white box key and the received white box library file subsequently;
the server is used for determining a second code block matched with the key file generation request; and operating the second code block to obtain a white box key, and sending the white box key to the client.
The embodiment of the present invention further provides a mobile terminal, which includes a processor, a memory, and a computer program stored in the memory and executable on the processor. When executed by the processor, the computer program implements each process of the foregoing white-box key downloading method embodiment and achieves the same technical effect; to avoid repetition, details are not described again here.
An embodiment of the present invention further provides a server device, which includes a processor, a memory, and a computer program stored in the memory and executable on the processor. When executed by the processor, the computer program implements each process of the foregoing white-box key generation method and achieves the same technical effect; to avoid repetition, details are not described again here.
The embodiment of the present invention further provides a computer-readable storage medium on which a computer program is stored. When executed by a processor, the computer program implements each process of the foregoing embodiments of the method for downloading a white-box key and/or the method for generating a white-box key, and achieves the same technical effects; to avoid repetition, details are not described again here. The computer-readable storage medium may be a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk.
As will be appreciated by one skilled in the art, embodiments of the present invention may be provided as a method, system, or computer program product. Accordingly, the present invention may take the form of an entirely hardware embodiment, an entirely software embodiment or an embodiment combining software and hardware aspects. Furthermore, the present invention may take the form of a computer program product embodied on one or more computer-usable storage media (including, but not limited to, disk storage, CD-ROM, optical storage, and the like) having computer-usable program code embodied therein.
The present invention is described with reference to flowchart illustrations and/or block diagrams of methods, apparatus (systems), and computer program products according to embodiments of the invention. It will be understood that each flow and/or block of the flow diagrams and/or block diagrams, and combinations of flows and/or blocks in the flow diagrams and/or block diagrams, can be implemented by computer program instructions. These computer program instructions may be provided to a processor of a general purpose computer, special purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, create means for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be stored in a computer-readable memory that can direct a computer or other programmable data processing apparatus to function in a particular manner, such that the instructions stored in the computer-readable memory produce an article of manufacture including instruction means which implement the function specified in the flowchart flow or flows and/or block diagram block or blocks.
These computer program instructions may also be loaded onto a computer or other programmable data processing apparatus to cause a series of operational steps to be performed on the computer or other programmable apparatus to produce a computer implemented process such that the instructions which execute on the computer or other programmable apparatus provide steps for implementing the functions specified in the flowchart flow or flows and/or block diagram block or blocks.
In a typical configuration, a computing device includes one or more processors (CPUs), input/output interfaces, network interfaces, and memory.
The memory may include volatile memory in a computer-readable medium, such as Random Access Memory (RAM), and/or non-volatile memory, such as Read Only Memory (ROM) or flash memory (flash RAM). Memory is an example of a computer-readable medium.
Computer-readable media, including both permanent and non-permanent, removable and non-removable media, may implement information storage by any method or technology. The information may be computer-readable instructions, data structures, modules of a program, or other data. Examples of computer storage media include, but are not limited to, phase change memory (PRAM), Static Random Access Memory (SRAM), Dynamic Random Access Memory (DRAM), other types of Random Access Memory (RAM), Read Only Memory (ROM), Electrically Erasable Programmable Read Only Memory (EEPROM), flash memory or other memory technology, compact disc read only memory (CD-ROM), Digital Versatile Discs (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other non-transmission medium that can be used to store information that can be accessed by a computing device. As defined herein, computer-readable media does not include transitory computer-readable media (transitory media) such as modulated data signals and carrier waves.
It should also be noted that the terms "comprises," "comprising," or any other variation thereof, are intended to cover a non-exclusive inclusion, such that a process, method, article, or apparatus that comprises a list of elements does not include only those elements but may include other elements not expressly listed or inherent to such process, method, article, or apparatus. Without further limitation, an element defined by the phrase "comprising a ..." does not exclude the presence of other like elements in a process, method, article, or apparatus that comprises the element.
The above description is only an example of the present application and is not intended to limit the present application. Various modifications and changes may occur to those skilled in the art. Any modification, equivalent replacement, improvement, etc. made within the spirit and principle of the present application should be included in the scope of the claims of the present application.

Claims (8)

1. A method of downloading a white-box key, comprising:
a client submitting a key file generation request to a server, wherein the key file generation request carries a second parameter combination, and the second parameter combination comprises an original key, an encryption algorithm identifier, a client identifier and a library file identifier;
the server determining a second code block that matches the key file generation request, running the second code block to obtain a white-box key, and sending the white-box key to the client;
the client receiving the white-box key fed back by the server, so as to subsequently perform encryption and decryption operations according to the white-box key and the received white-box library file;
wherein running the second code block to obtain a white-box key comprises: substituting the original key into the second code block as input, and obtaining as output the white-box key corresponding to the original key;
wherein the server determining the second code block that matches the key file generation request comprises: the server parses the second parameter combination carried by the received key file generation request, selects, according to the second parameter combination, from the libraries corresponding to the encryption algorithm identifier, the code library that matches the library file identifier carried in the second parameter combination, and determines the corresponding second code block according to the selected code library.
2. A method of downloading a white-box key, comprising:
determining a second parameter combination selected by a user, wherein the second parameter combination at least comprises: an encryption algorithm identifier, an original key, an applicable platform identifier, a client identifier, a target function and a library file identifier;
generating a key file generation request carrying the second parameter combination;
submitting the key file generation request to a server;
receiving a white-box key fed back by the server according to the key file generation request, so as to subsequently perform encryption and decryption operations according to the white-box key and the received white-box library file;
wherein the white-box key is determined by:
determining, according to the determined second parameter combination, a second code block matching the second parameter combination;
substituting the original key into the second code block as input, and obtaining as output the white-box key corresponding to the original key;
wherein the second code block is determined by: the server parses the second parameter combination carried by the received key file generation request, selects, according to the second parameter combination, from the libraries corresponding to the encryption algorithm identifier, the code library that matches the library file identifier carried in the second parameter combination, and determines the corresponding second code block according to the selected code library.
3. The method of claim 2, wherein receiving the white-box key fed back by the server according to the key file generation request comprises:
receiving the white-box key fed back by the server according to the second parameter combination carried in the key file generation request.
4. An apparatus for downloading a white-box key, comprising:
a client, configured to submit a key file generation request to a server and to receive a white-box key fed back by the server, so as to subsequently perform encryption and decryption operations according to the white-box key and a received white-box library file, wherein the key file generation request carries a second parameter combination, and the second parameter combination comprises an original key, an encryption algorithm identifier and a library file identifier;
the server, configured to determine a second code block that matches the key file generation request, run the second code block to obtain a white-box key, and send the white-box key to the client;
wherein running the second code block to obtain a white-box key comprises: substituting the original key into the second code block as input, and obtaining as output the white-box key corresponding to the original key;
wherein the server determining the second code block that matches the key file generation request comprises: the server parses the second parameter combination carried by the received key file generation request, selects, according to the second parameter combination, from the libraries corresponding to the encryption algorithm identifier, the code library that matches the library file identifier carried in the second parameter combination, and determines the corresponding second code block according to the selected code library.
5. An apparatus for downloading a white-box key, comprising:
a determining module, configured to determine a second parameter combination selected by a user and to generate a key file generation request carrying the second parameter combination, wherein the second parameter combination at least comprises: an encryption algorithm identifier, an original key, an applicable platform identifier, a target function and a library file identifier;
a sending module, configured to submit the key file generation request to a server;
a receiving module, configured to receive a white-box key fed back by the server according to the key file generation request, so as to subsequently perform encryption and decryption operations according to the white-box key and the received white-box library file;
wherein the white-box key is determined by:
determining, according to the determined second parameter combination, a second code block matching the second parameter combination;
substituting the original key into the second code block as input, and obtaining as output the white-box key corresponding to the original key;
wherein the second code block is determined by: the server parses the second parameter combination carried by the received key file generation request, selects, according to the second parameter combination, from the libraries corresponding to the encryption algorithm identifier, the code library that matches the library file identifier carried in the second parameter combination, and determines the corresponding second code block according to the selected code library.
6. The apparatus according to claim 5, wherein the receiving module is specifically configured to receive the white-box key fed back by the server according to the second parameter combination carried in the key file generation request.
7. An apparatus for downloading a white-box key, comprising: memory, processor and computer program stored on the memory and executable on the processor, which computer program, when executed by the processor, carries out the steps of the method according to any one of claims 2 to 3.
8. A computer-readable storage medium, characterized in that a computer program is stored on the computer-readable storage medium, which computer program, when being executed by a processor, carries out the steps of the method according to any one of claims 2 to 3.
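The server-side flow of claim 1 (parse the parameter combination, select the code library by encryption algorithm identifier and library file identifier, run the code block on the original key), as an added example that is not code from the patent or its assignee. The field names, the identifiers `AES-128`, `lib-a` and `lib-b`, and the transformation itself (first-round tables T_i[x] = enc[S[x ^ k_i]] with a per-library output encoding) are assumptions; the claims do not say how a code block turns the original key into a white-box key.

```python
import hashlib
import random

def aes_sbox():
    """AES S-box: multiplicative inverse in GF(2^8), then the affine map."""
    rotl = lambda v, s: ((v << s) | (v >> (8 - s))) & 0xFF
    sbox, p, q = [0] * 256, 1, 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF  # p *= 3
        for s in (1, 2, 4):                                     # q /= 3
            q = (q ^ (q << s)) & 0xFF
        if q & 0x80:
            q ^= 0x09
        sbox[p] = q ^ rotl(q, 1) ^ rotl(q, 2) ^ rotl(q, 3) ^ rotl(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63
    return sbox

SBOX = aes_sbox()

def make_code_block(library_file_id):
    """Build the code block paired with one white-box library file."""
    # Assumption: block and library file share a secret output encoding.
    # Demo only: derived from a fixed label with a non-cryptographic PRNG.
    seed = hashlib.sha256(b"demo-secret:" + library_file_id.encode()).digest()
    enc = list(range(256))
    random.Random(seed).shuffle(enc)
    def code_block(original_key):
        if len(original_key) != 16:
            raise ValueError("AES-128 original key must be 16 bytes")
        # One table per key byte; the key is folded into the tables.
        return bytes(enc[SBOX[x ^ k]] for k in original_key for x in range(256))
    return code_block

# encryption algorithm identifier -> {library file identifier -> code block}
CODE_LIBRARIES = {"AES-128": {lib: make_code_block(lib) for lib in ("lib-a", "lib-b")}}
REQUIRED = ("original_key", "algorithm_id", "client_id", "library_file_id")

def handle_key_file_request(request):
    """Server side: parse the parameter combination, pick the block, run it."""
    missing = [f for f in REQUIRED if f not in request]
    if missing:
        raise ValueError("missing parameters: " + ", ".join(missing))
    try:
        block = CODE_LIBRARIES[request["algorithm_id"]][request["library_file_id"]]
    except KeyError:
        raise LookupError("no code block for this algorithm/library pair") from None
    return block(bytes.fromhex(request["original_key"]))
```

The request carries the original key itself, so it has to travel over an authenticated, encrypted channel, and a white-box key produced for one library file is useless with another because the encodings differ.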
CN201711488538.1A 2017-12-29 2017-12-29 Method, device and storage medium for downloading white box key Active CN107968793B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711488538.1A CN107968793B (en) 2017-12-29 2017-12-29 Method, device and storage medium for downloading white box key

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711488538.1A CN107968793B (en) 2017-12-29 2017-12-29 Method, device and storage medium for downloading white box key

Publications (2)

Publication Number Publication Date
CN107968793A CN107968793A (en) 2018-04-27
CN107968793B true CN107968793B (en) 2021-03-19

Family

ID=61993848

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711488538.1A Active CN107968793B (en) 2017-12-29 2017-12-29 Method, device and storage medium for downloading white box key

Country Status (1)

Country Link
CN (1) CN107968793B (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN110149312B (en) * 2019-04-09 2021-10-15 北京奇艺世纪科技有限公司 Data processing method, device, system and computer readable storage medium
CN110855667B (en) * 2019-11-14 2023-04-07 宁夏吉虎科技有限公司 Block chain encryption method, device and system

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101536398A (en) * 2006-11-17 2009-09-16 皇家飞利浦电子股份有限公司 Cryptographic method for a white-box implementation
CN102047220A (en) * 2008-05-23 2011-05-04 爱迪德加拿大公司 System and method for generating white-box implementations of software applications
US8699702B2 (en) * 2011-01-10 2014-04-15 Apple Inc. Securing cryptographic process keys using internal structures

Also Published As

Publication number Publication date
CN107968793A (en) 2018-04-27

Similar Documents

Publication Publication Date Title
CN110650010B (en) Method, device and equipment for generating and using private key in asymmetric key
CN108134673B (en) Method and device for generating white box library file
CN108111622B (en) Method, device and system for downloading white box library file
CN105577379B (en) Information processing method and device
CN109728914B (en) Digital signature verification method, system, device and computer readable storage medium
CN107078904B (en) Hybrid cryptographic key derivation
US10601590B1 (en) Secure secrets in hardware security module for use by protected function in trusted execution environment
CA2293684A1 (en) Secure deterministic encryption key generator system and method
CN106452770B (en) Data encryption method, data decryption method, device and system
US11424919B2 (en) Protecting usage of key store content
US10963593B1 (en) Secure data storage using multiple factors
EP3125462A1 (en) Balanced encoding of intermediate values within a white-box implementation
US20230325516A1 (en) Method for file encryption, terminal, electronic device and computer-readable storage medium
CN107947917A (en) A kind of method and device for generating whitepack key
CN112115461B (en) Equipment authentication method and device, computer equipment and storage medium
CN111538977A (en) Cloud API key management method, cloud platform access method, cloud API key management device, cloud platform access device and server
CN107968793B (en) Method, device and storage medium for downloading white box key
CN110149312B (en) Data processing method, device, system and computer readable storage medium
US20200044838A1 (en) Data encryption method and system using device authentication key
CN108965278B (en) Transaction request processing method and device
CN112199730A (en) Method and device for processing application data on terminal and electronic equipment
CN116346341A (en) Private key protection and server access method, system, equipment and storage medium
WO2021129681A1 (en) Scheduling method and apparatus, and medium and device
EP3278259B1 (en) Data protection
CN114329596A (en) Firmware updating method, device and system for Internet of things equipment

Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
GR01 Patent grant