CN100518354C - Method of application program for prevention illegal update mobile terminal - Google Patents
Method of application program for prevention illegal update mobile terminal Download PDFInfo
- Publication number
- CN100518354C CN100518354C CNB2007100867454A CN200710086745A CN100518354C CN 100518354 C CN100518354 C CN 100518354C CN B2007100867454 A CNB2007100867454 A CN B2007100867454A CN 200710086745 A CN200710086745 A CN 200710086745A CN 100518354 C CN100518354 C CN 100518354C
- Authority
- CN
- China
- Prior art keywords
- application program
- version
- program updating
- portable terminal
- updating device
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Ceased
Links
Images
Landscapes
- Mobile Radio Communication Systems (AREA)
Abstract
The disclosed method for preventing illegal upgrading the mobile terminal application program comprises: S102, the mobile terminal and the upgrade device take interaction for upgrading; S1104, the terminal identifies the upgrade device, if the device passes the identification, goes to next step, or lese finishes the process; and S106, the mobile terminal validates the upgrade version program, if the version passes the validating, the terminal downloads the program for upgrading, or else finishes the process. This invention is efficient.
Description
Technical field
The present invention relates to the communications field, relate more specifically to a kind of method that prevents the application program of illegal update mobile terminal.
Background technology
Cell phone software can by software mode with various download software downloads in mobile phone, high pass product support instrument (QUALCOMM Product Support Tool as high pass, be called for short QPST) can be in mobile phone with the software download of its corresponding platform, this is the most frequently used a kind of simple edition upgrading mode at maintenace point.
The most frequently used a kind of method of mobile phones software upgrading is, download software and mobile phone carry out mutual after, download to its corresponding download agent software in the mobile phone and startup enters a downloading mode.Mobile phone moves under the control of download agent software after entering downloading mode, and download agent software leaves the edition data that PC side download software sends over the correspondence position of mobile phone in, thereby realizes the upgrading of cell phone software version.
But there is a kind of risk in the mobile phones software upgrading mode, promptly by downloading some illegal cell phone softwares in mobile phone, may destroy the more original functions of mobile phone, as the locking network and card function of mobile phone, thereby mobile phone market has been formed harm.
In various cell phone platforms, mobile phone and PC side software generally carry out the communication of various mechanism by USB mouth or serial ports etc., as the Diag mechanism of AT order and high pass etc.By these communication capacities, mobile phone and PC side software can be expanded the various instructions of customization, and can customize the mutual of various information as required.
Summary of the invention
In view of above-mentioned one or more problems, the invention provides a kind of method that prevents the application program of illegal update mobile terminal.
The method of the application program of illegal update mobile terminal that prevents according to the present invention may further comprise the steps: S102, and portable terminal and application program updating device are upgraded alternately; S104, portable terminal application programs update device verify, if the application program updating device carries out following steps by checking, otherwise finish with the upgrading of application program updating device mutual; S106, portable terminal is verified the application program updating version that is stored in the application program updating device, if the application program updating version is by checking, then portable terminal is from application program updating device down load application program upgrade version, otherwise finishes with the upgrading of application program updating device mutual.
Wherein, step S104 may further comprise the steps: S1042, application program updating device use the right PKI of a RSA (Rivest Shamir Adleman) key that the public information of portable terminal is encrypted; S1044, portable terminal uses the right private key of first RSA key to being decrypted through the public information of encrypting, if correctly decipher public information, then the identity of application upgrade device is legal, portable terminal carries out step S106, otherwise portable terminal finishes and the upgrading of application program updating device is mutual.
Wherein, step S106 may further comprise the steps: S1062, application program updating device use the version information of the right PKI application programs upgraded version of second RSA key to encrypt; S1068, portable terminal uses the right private key of second RSA key to being decrypted through the version information of encrypting, and the version information that decrypts is verified according to the version proof rule, if the application program updating version is legal version, then portable terminal is from application program updating device down load application program upgrade version, otherwise that portable terminal finishes with the upgrading of application program updating device is mutual.
Wherein, step S106 is further comprising the steps of: S1064, and the application program updating device will be kept in the application program updating version through the version information of encrypting; S1066, portable terminal obtain the version information through encrypting from the application program updating version.
Wherein, portable terminal and application program updating device communicate by the custom instruction of expansion.Portable terminal is mobile phone and/or PDA.The mobile phone of different model has different public informations.Public information is the IMEI number of mobile phone.
Adopt the method according to this invention, can control effectively, thereby realize preventing to adopt software mode to carry out the purpose that illegal cell phone software is downloaded mobile phone-downloaded software link.Mechanism principle among the present invention can be generalized to the mobile phone of various standards, has very wide versatility.In addition, the method according to this invention combines many-sided knowledge of mobile phone development, and the ingenious RSA cryptographic algorithms of having introduced, thereby has increased the anti-attack ability of cell phone software, has guaranteed the fail safe of cell phone software system.
Description of drawings
Accompanying drawing described herein is used to provide further understanding of the present invention, constitutes the application's a part, and illustrative examples of the present invention and explanation thereof are used to explain the present invention, do not constitute improper qualification of the present invention.In the accompanying drawings:
Figure 1A to Fig. 1 C is according to the method for the application program that prevents illegal update mobile terminal of the embodiment of the invention and the flow chart of step thereof;
Fig. 2 is the flow chart of method that prevents the application program of illegal update mobile terminal according to another embodiment of the present invention; And
Fig. 3 is the flow chart of PC side software in the method shown in Figure 2 and the cell phone software information interaction of carrying out.
Embodiment
Below with reference to accompanying drawing, describe the specific embodiment of the present invention in detail.
The present invention adopts cryptographic algorithm, and in conjunction with the mobile communication ability, has proposed a kind of method of the application program that prevents illegal update mobile terminal newly.
RSA cryptographic algorithms is a kind of PKIX (Public Key Infrastructure, be called for short PKI) technology, it is the asymmetric arithmetic based on public-key cryptography, it adopts two very large prime numbers to produce diverse PKI (promptly, encryption key) and private key (that is decruption key).Adopt RSA Algorithm to encrypt and have very high anti-attack ability, in mobile phone, introduce this algorithm and carry out the design of secure context, can improve the security performance of mobile phone greatly with authentication.
Figure 1A to Fig. 1 C shows according to the method for the application program that prevents illegal update mobile terminal of the embodiment of the invention and the flow chart of step thereof.
Shown in Figure 1A, this method may further comprise the steps: S102, and portable terminal and application program updating device are upgraded alternately; S104, portable terminal application programs update device verify, if the application program updating device carries out following steps by checking, otherwise finish with the upgrading of application program updating device mutual; S106, portable terminal is verified the application program updating version that is stored in the application program updating device, if the application program updating version is by checking, then portable terminal is from application program updating device down load application program upgrade version, otherwise finishes with the upgrading of application program updating device mutual.
Shown in Figure 1B,, step S104 may further comprise the steps: S1042, application program updating device use the right PKI of first RSA key that the public information of portable terminal is encrypted; S1044, portable terminal uses the right private key of first RSA key to being decrypted through the public information of encrypting, if correctly decipher public information, then the identity of application upgrade device is legal, portable terminal carries out step S106, otherwise portable terminal finishes and the upgrading of application program updating device is mutual.
Shown in Fig. 1 C, step S106 may further comprise the steps: S1062, application program updating device use the version information of the right PKI application programs upgraded version of second RSA key to encrypt; S1068, portable terminal uses the right private key of second RSA key to being decrypted through the version information of encrypting, and the version information that decrypts is verified according to the version proof rule, if the application program updating version is legal version, then portable terminal is from application program updating device down load application program upgrade version, otherwise that portable terminal finishes with the upgrading of application program updating device is mutual.
Wherein, step S106 can also may further comprise the steps: S1064, and the application program updating device will be kept in the application program updating version through the version information of encrypting; S1066, portable terminal obtain the version information through encrypting from the application program updating version.
Wherein, portable terminal and application program updating device communicate by the custom instruction of expansion.Said herein portable terminal comprises mobile phone or PDA, but is not limited to mobile phone and PDA, and it can be any mobile device that can be used for communicating.Wherein, the mobile phone of different model has different public informations.Said herein public information can be the IMEI number of mobile phone.
Fig. 2 shows the flow chart of the method for the application program that prevents illegal update mobile terminal according to another embodiment of the present invention.Wherein, in method shown in Figure 2, portable terminal is a mobile phone.As shown in Figure 2, the method that prevents the application program of illegal update mobile phone comprises the following steps:
S202, the array space Array_ver of a fixed position of reservation is used to deposit the authentication information of encryption in the mobile phone code.Load description document by revising to distribute, the address of this reservation array space compiling is fixed and noted.Step S202 specifically comprises following content: in a specific file, in the empty array (adopting 128 RSA cryptographic algorithms) of the char type of one 128 of the forward location definitions of file; In distribute loading description document, the compiling address of this specific file is fixed as certain address; By the position of this array in this document, calculate this array compiling address and note.
S204 selects a pair of RSA key that Key1 is used for authentication, determines a kind of version proof rule, selects another that RSA key is used for the version checking to Key2.Key1 herein and Key2 can adopt with a pair of RSA key.Step S204 specifically comprises following content: determine a kind of version proof rule (for example, the version authorization information is certain number a, and having only the version authorization information b of new software version is b=a+1, could by authentication); It is right to utilize the RSA instrument to generate two pairs of RSA keys at random: Key1 and Key2; Version authorization information a is kept in the cell phone software code as constant, calls for subsequent step.Wherein, the PKI of Key1 and Key2 is encrypted for the PC side software and is used, and the private key of Key1 and Key2 uses for the deciphering of mobile phone side software.
S206 utilizes public information and key that Key1 is carried out authentication, adds the authentication code respectively in mobile phone side and PC side.Its principle is: the PC side software is encrypted the public information of mobile phone with the PKI of Key1, and the public information that the PC side software will be encrypted sends to cell phone software, and cell phone software is decrypted to verify the identity of PC side software it with the Key1 private key.Its fail safe has mainly utilized the authentication function of RSA Algorithm, and its fail safe guarantees by the fail safe of Key1.This step specifically comprises following content: public information generally can be considered the IMEI number of mobile phone.Each mobile phone all has a difference and unique IMEI number, and the PC side software can obtain the IMEI number of mobile phone by some interfaces.The PC side software sends to cell phone software after with the public key encryption of IMEI number with Key1.Cell phone software is decrypted this information with the private key of Key1, if can correctly decipher the IMEI number into mobile phone, represents that then the PC side software is a legal software, allows to carry out next step version information proof procedure.
S208 generates the version information of encrypting, and deposits in the Array_ver array space of new software version, is used for the version checking.This step specifically comprises following content: with the Key2 PKI version authorization information is carried out encryption, obtain the version information of a public key encryption.The version information of this encryption will be written in Array_ver array reservation, known location the space of cell phone software version file in download after the cell phone software version generates.
S210 utilizes version information and key that Key2 is carried out the version information checking, adds the version Validation Code respectively in mobile phone side and PC side.The PC side reads the encrypted data in the Array_ver array space of the redaction cell phone software file that will download, with its according to a preconcerted arrangement interface send to mobile phone by existing communication mechanism.Mobile phone is decrypted with the Key2 private key the encrypted data that receives, and verifies according to the version proof rule.
S212, whether the mobile phone side software enters normal downloading process according to authentication and version checking result decision, has only through authentication and version checking and could normally download cell phone software.This step specifically comprises following content: to carrying out authentication process itself and entering normally to download switch is set respectively.At first carry out authentication, by then opening the switch that carries out the checking of next step version, otherwise directly return miscue, failed download when carrying out authentication as authentication.According to version checking result, whether decision is opened and is entered the switch that normally downloads.
Fig. 3 is the flow chart of PC side software in the method shown in Figure 2 and the cell phone software information interaction of carrying out.As shown in Figure 3, PC side software and cell phone software carry out mutual process and may further comprise the steps:
S302, the PC side reads the public information (as IMEI number, the IMEI number of each mobile phone all is unique, has individual difference) of mobile phone from the mobile phone side by instruction.
S304, the PC side software carries out encryption with the Key1 PKI to the public information IMEI number that obtains, because the Key1 key is to maintaining secrecy, and each mobile phone IMEI number difference, so its encrypted result is also different, encrypted result has the authentication function, is used to discern illegal download software.
S306, the mobile phone side judges that to the legal identity of PC side software as legal, then downloading relevant treatment can go on, otherwise subsequent treatment all will be refused by the mobile phone side.Can the result that PC side adversary pusher side returns judges to determine whether it can carry out next step operation, carry out next step operation and be decided by the mobile phone side.
S308, the PC side software reads the 128byte version information of having crossed with the Key2 public key encryption the mobile phone from the reserved location of new cell phone software version file.Send to cell phone software, cell phone software is decrypted this version information.Can judge according to version proof rule mobile phone side whether new cell phone software version is legal version.Because with the Key2 public key encryption mistake of maintaining secrecy, so this enciphered message is safe not having under the right situation of key.
S310, the mobile phone side judges the legitimacy of new software version, as the legal switch of then opening normal download, otherwise can't enter the subsequent operation of normal download.Can the result that PC side adversary pusher side returns judges to determine whether it can carry out next step operation, carry out next step operation and be decided by the mobile phone side.
S312, downloading flow process all is closed condition in the ordinary course of things.
S314 has only the PC side software that has passed through authentication and version checking just can enter normal download flow process.Download being provided with in the critical workflow that the position should be located at download of flow process switch.
In sum, the invention provides a kind of method of the application program that prevents the illegal download portable terminal newly.In the method, introduced RSA Algorithm, the mode that adopts authentication and version to verify has guaranteed the legitimacy of software upgrading version.When making mobile terminal software edition, release content is added the version authorization information by RSA Algorithm.Simultaneously, before download, portable terminal need carry out identity to the PC side software by the key mode and differentiate.Can not stop it to enter normal download state by the illegal software of authentication and version checking.Because proof rule, identity information and version information self have confidentiality, add the high security that adopts RSA Algorithm, and then can come the legitimacy of controlling application program upgrading, thereby improved its anti-ability that cracks from mobile terminal side and PC side two aspects.The realization principle thinking of the method according to this invention mainly comprises following content: portable terminal and PC side software carry out communication by the custom instruction of expansion, realize the mutual of both sides' information; Adopt the RSA key algorithm,, realize the authentication of portable terminal, download the legitimacy of software to judge this PC side to the PC side software in conjunction with public information; The additional version information of having encrypted is verified this downloaded software version according to the version proof rule, to judge the legitimacy of this mobile terminal software edition in mobile terminal software edition; According to above checking result is whether legal downloading process is provided with switch, with normally carrying out that control is downloaded.
Wherein, the mode of portable terminal and the communication of PC side software can realize in different ways along with each platform character is different.Wherein, communication instruction must have autgmentability to satisfy the mutual of PC side and mobile terminal side information in this method, and this is an essential condition.The ability of free extended instruction has also improved the fail safe of this method.
Wherein, public information refers to the information that portable terminal is disclosed and the PC side software obtains easily.This public information should select to have the information of portable terminal individual difference, utilizes the public information with portable terminal individual difference to carry out authentication and can improve it and crack difficulty.RSA Algorithm is the most frequently used and reliable a kind of algorithm of realizing authentication function, has very strong anti-attack ability, also can adopt other alternative algorithm to realize according to actual conditions.This part fail safe of checking of placing oneself mainly guarantees by the fail safe of algorithm.
Wherein, the version proof rule at this place and version information can define according to user's needs, and the fail safe at this place relies on version information, version proof rule and algorithm to come multiple assurance.
The above is the preferred embodiments of the present invention only, is not limited to the present invention, and for a person skilled in the art, the present invention can have various changes and variation.Within the spirit and principles in the present invention all, any modification of being done, be equal to replacement, improvement etc., all should be included within protection scope of the present invention.
Claims (8)
1. a method that prevents the application program of illegal update mobile terminal is characterized in that, said method comprising the steps of:
S102, portable terminal and application program updating device are upgraded alternately;
S104, described portable terminal verify described application program updating device, if described application program updating device then carries out following steps by checking, otherwise finish with the upgrading of described application program updating device mutual; And
S106, described portable terminal is verified the application program updating version that is stored in the described application program updating device, if described application program updating version is by checking, then described portable terminal is downloaded described application program updating version from described application program updating device, otherwise finishes with the upgrading of described application program updating device mutual.
2. the method that prevents the application program of illegal update mobile terminal according to claim 1 is characterized in that, described step S104 may further comprise the steps:
S1042, described application program updating device use the right PKI of first RSA key that the public information of described portable terminal is encrypted; And
S1044, described portable terminal use the right private key of described first RSA key to being decrypted through the described public information of encrypting, if correctly decipher described public information, the identity of then described application upgrade device is legal, and described portable terminal carries out
S106, otherwise described portable terminal finishes and the upgrading of described application program updating device is mutual.
3. the method that prevents the application program of illegal update mobile terminal according to claim 1 and 2 is characterized in that, described step S106 may further comprise the steps:
S1062, described application program updating device use the right PKI of second RSA key that the version information of described application program updating version is encrypted; And
S1068, described portable terminal uses the right private key of described second RSA key to being decrypted through the described version information of encrypting, and the described version information that decrypts is verified according to the version proof rule, if described application program updating version is legal version, then described portable terminal is downloaded described application program updating version from described application program updating device, otherwise described portable terminal finishes and the upgrading of described application program updating device is mutual.
4. the method that prevents the application program of illegal update mobile terminal according to claim 3 is characterized in that, described step S106 is further comprising the steps of:
S1064, described application program updating device will be kept in the described application program updating version through the described version information of encrypting; And
S1066, described portable terminal obtain the described version information through encrypting from described application program updating version.
5. the method that prevents the application program of illegal update mobile terminal according to claim 3 is characterized in that, described portable terminal and application program updating device communicate by the custom instruction of expansion.
6. the method that prevents the application program of illegal update mobile terminal according to claim 3 is characterized in that described portable terminal is a mobile phone.
7. the method that prevents the application program of illegal update mobile terminal according to claim 6 is characterized in that, the described mobile phone of different model has different described public informations.
8. the method that prevents the application program of illegal update mobile terminal according to claim 7 is characterized in that, described public information is the IMEI number of described mobile phone.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2007100867454A CN100518354C (en) | 2007-03-13 | 2007-03-13 | Method of application program for prevention illegal update mobile terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2007100867454A CN100518354C (en) | 2007-03-13 | 2007-03-13 | Method of application program for prevention illegal update mobile terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN101043680A CN101043680A (en) | 2007-09-26 |
| CN100518354C true CN100518354C (en) | 2009-07-22 |
Family
ID=38808820
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2007100867454A Ceased CN100518354C (en) | 2007-03-13 | 2007-03-13 | Method of application program for prevention illegal update mobile terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100518354C (en) |
Families Citing this family (13)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| WO2009086678A1 (en) * | 2007-12-29 | 2009-07-16 | Zte Corporation | Method and apparatus for realizing software secure download in mobile terminal |
| CN101400062B (en) * | 2008-10-23 | 2010-07-14 | 中兴通讯股份有限公司 | Updating method and system for network locking terminal |
| CN101437224A (en) * | 2008-12-22 | 2009-05-20 | 中兴通讯股份有限公司 | Method for updating mobile terminal software and mobile terminal |
| CN102043644B (en) * | 2009-10-12 | 2015-07-22 | 中兴通讯股份有限公司 | Upgrading method and device for line card main program |
| CN102104749B (en) * | 2009-12-22 | 2015-04-15 | 康佳集团股份有限公司 | System and method for upgrading television |
| CN103002436B (en) * | 2012-12-07 | 2014-12-10 | 青岛海信移动通信技术股份有限公司 | Upgrade method and device of terminal device with android platform |
| CN102981881B (en) * | 2012-12-10 | 2018-03-27 | 中兴通讯股份有限公司 | A kind of method and system for preventing updating mobile terminal to illegal firmware version |
| CN103677899B (en) * | 2013-11-15 | 2017-08-01 | 小米科技有限责任公司 | The method and apparatus of application program is installed |
| CN105656859B (en) * | 2014-11-18 | 2020-08-11 | 航天信息股份有限公司 | Tax control equipment software safety online upgrading method and system |
| DE102015203776A1 (en) * | 2015-03-03 | 2016-09-08 | Robert Bosch Gmbh | Method for programming a control device of a motor vehicle |
| US9887842B2 (en) | 2015-06-30 | 2018-02-06 | International Business Machines Corporation | Binding software application bundles to a physical execution medium |
| CN105975850B (en) * | 2016-07-01 | 2020-01-14 | 惠州Tcl移动通信有限公司 | Software downloading method and system based on mobile terminal |
| CN113282951B (en) * | 2021-03-12 | 2024-02-09 | 北京字节跳动网络技术有限公司 | Application program security verification method, device and equipment |
-
2007
- 2007-03-13 CN CNB2007100867454A patent/CN100518354C/en not_active Ceased
Also Published As
| Publication number | Publication date |
|---|---|
| CN101043680A (en) | 2007-09-26 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN100518354C (en) | Method of application program for prevention illegal update mobile terminal | |
| US9531681B2 (en) | Method for the authentication of applications | |
| US8627086B2 (en) | Secure loading and storing of data in a data processing device | |
| US8225110B2 (en) | Cryptographic protection of usage restrictions in electronic devices | |
| US9338647B2 (en) | Mobile station with bond between end device and security element | |
| CN101300583B (en) | Simple scalable and configurable secure boot for trusted mobile phones | |
| CN100396012C (en) | Software validity checking system and method based on device management protocol | |
| US20080003980A1 (en) | Subsidy-controlled handset device via a sim card using asymmetric verification and method thereof | |
| US20060095454A1 (en) | System and method for secure collaborative terminal identity authentication between a wireless communication device and a wireless operator | |
| EP1712992A1 (en) | Updating of data instructions | |
| JP2004538584A (en) | Information processing method and system in electronic device, electronic device, and processing block | |
| EP1645931A1 (en) | Secure loading and storing of data in a data processing device | |
| WO2003021991A1 (en) | Method of verifying downloaded software and corresponding device | |
| KR20090109589A (en) | Secure protection method for access to protected resources in a processor | |
| CN101828357A (en) | Credential provisioning | |
| US20100255813A1 (en) | Security in a telecommunications network | |
| US20030059049A1 (en) | Method and apparatus for secure mobile transaction | |
| CN108702353B (en) | Method of receiving data within an electronic entity and associated electronic entity | |
| CN112069535A (en) | Dual-system safety intelligent terminal architecture based on access partition physical isolation | |
| WO2006039967A1 (en) | Secure loading and storing of data in a data processing device | |
| KR20080039145A (en) | Method and apparatus for preventing illegal use of mobile terminal | |
| JP2002152196A (en) | Method for program authentication without secret key, program id communication processing control method, program id communication range control method, and method for providing communication line by open key | |
| JP4158758B2 (en) | Program ID communication processing control method, program ID communication range control method, and public key communication path providing method | |
| CN102354360B (en) | A kind of prevent the equipment of terminal illegal update, terminal and method | |
| CN118159966A (en) | Authorized application program for secure element |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| TR01 | Transfer of patent right | ||
| TR01 | Transfer of patent right |
Effective date of registration: 20180709 Address after: California, USA Patentee after: Global innovation polymerization LLC Address before: 518057 Zhongxing building, science and technology south road, Nanshan District hi tech Industrial Park, Guangdong, Shenzhen Patentee before: ZTE Corp. |
|
| IW01 | Full invalidation of patent right | ||
| IW01 | Full invalidation of patent right |
Decision date of declaring invalidation: 20220105 Decision number of declaring invalidation: 53344 Granted publication date: 20090722 |