CN102082784A - Method for upgrading software on line - Google Patents
Method for upgrading software on line Download PDFInfo
- Publication number
- CN102082784A CN102082784A CN2010105465596A CN201010546559A CN102082784A CN 102082784 A CN102082784 A CN 102082784A CN 2010105465596 A CN2010105465596 A CN 2010105465596A CN 201010546559 A CN201010546559 A CN 201010546559A CN 102082784 A CN102082784 A CN 102082784A
- Authority
- CN
- China
- Prior art keywords
- software
- product
- data summarization
- private key
- data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Abstract
The invention discloses a method for upgrading software on line. The method comprises the following steps of: encrypting software to be upgraded by using asymmetry of a radio supervisory adapter (RSA) encryption algorithm to generate a public key and a private key which form a pair; and placing the public key at a network server end and the private key in a software system of a product, wherein the public key is used for encryption and the private key is used for decryption. Two prime numbers are multiplied by an RSA, and the product is publically used as an encryption key and is resolved into factors during decryption; but the two prime numbers can be more easily multiplied and the product can be extremely difficultly dissolved into the factors. The encryption and the decryption at the network server end and a product end are set by an RSA data encryption algorithm and a secure hash algorithm (SHA) 1 data digest algorithm respectively; the software can be downloaded and upgraded after settings are compared to be consistent; associated verification and encryption mechanisms are established at the two ends, namely the network server end and the product software system end; thus the integrity of the software is correctly identified, the wrong or tampered software is prevented from being upgraded into the product, and the software at the product end is securely upgraded.
Description
Technical field
The present invention relates to a kind of method for upgrading software, particularly relate to the upgrade method that a kind of software safety on line is maintained secrecy.
Background technology:
At present, along with popularizing and the raising of software complexity of network application, increasing product provides the on-line software updating function, for example mobile phone, Web TV, set-top box, player etc.Common way is: the software systems of product are connected to the webserver, download software and finish upgrading.This method is simple and practical, but along with complicated network environment, the hidden danger of several aspects below needing to consider: when the first, software transmits in network, may have partial data and make a mistake; The second, the software document on the webserver is distorted in hacker's malicious attack; Three, route is made the software systems of product be linked to wrong server by human intervention, downloads to wrong software.If do not set up a kind of security mechanism of on-line software updating, but directly download software and directly upgrading, when above-mentioned situation takes place, may cause the software systems collapse and product can't normally be used, or in the software by some functional parts of the implantation of malice.
Summary of the invention:
The objective of the invention is to overcome the deficiencies in the prior art, a kind of on-line software updating method is provided, by setting up verification and the encryption mechanism that is associated at the webserver and these two ends of product software system, integrality that can identification software prevents that software upgrading wrong or that distorted is in product.
In order to achieve the above object, the technical solution used in the present invention is, a kind of on-line software updating method, and step is as follows:
Step 3.1, use SHA1 data summarization algorithm carry out computing to software document, generate the data summarization of 20 bytes;
Step 3.2, use RSA DEA are encrypted 20 byte datas summary with PKI, and data encrypted are left in the independent file;
Step 3.3, software document and corresponding encrypt file are placed on the webserver;
Step 4.1, product end system are connected to the webserver, download software document and corresponding encrypt file;
Step 4.2, use RSA DEA are decrypted the encrypt file of downloading with private key, obtain the data summarization A of 20 bytes;
Step 4.3, use SHA1 data summarization algorithm carry out computing to the downloaded software file, obtain the data summarization B of 20 bytes;
Step 4.4, comparing data summary A and data summarization B identically think that then software document is a complete sum safety, can be used for upgrading, otherwise think that software document is wrong, abandon upgrading;
The network of indication of the present invention is network application environments such as internet, 3G network, GPRS.
Compared with prior art, the invention has the beneficial effects as follows: utilize RSA DEA and SHA1 data summarization algorithm respectively network server end and product end to be carried out the setting of encryption and decryption, can download and upgrade by contrasting after the unanimity, set up verification and the encryption mechanism that is associated at the webserver and these two ends of product software system, accomplish the integrality of correct identification software, prevent software upgrading wrong or that distorted in product, make product end safety upgrade software.
Description of drawings:
Fig. 1 is a software program flow chart of the present invention.
Embodiment:
Purport of the present invention is to overcome the deficiencies in the prior art, a kind of on-line software updating method is provided, set up verification and the encryption mechanism that is associated at the webserver and these two ends of product software system, accomplish the integrality of correct identification software, prevent software upgrading wrong or that distorted in product, make product end safety upgrade software.
This on-line software updating method utilizes the asymmetry of RSA cryptographic algorithms that upgrade software is encrypted, generate pair of secret keys, be PKI and private key, PKI is placed on network server end, private key is placed in the software systems of product, PKI is used for encrypting, and when product up-gradation, deciphers with private key.RSA Algorithm multiplies each other two prime numbers based on a foolproof number theory fact, and product is open as encryption key, when deciphering its product is carried out factor and decompose, but two prime numbers multiplies each other than being easier to, and decomposes extremely difficult and its product is carried out factor.
In the process of encryption and decryption, used SHA SHA (abbreviation of English Secure Hash Algorithm), SHA0, SHA1, SHA224, SHA256, SHA384 and SHA512 are a series of Cryptographic Hash Functions of SHA.For the data of length less than the 2^64 position, data summarization algorithm SHA1 can produce the data summarization of one 20 byte.When receiving data, the data summarization of this 20 byte can be used for the integrality of verification msg.In the process of transmission, data may change, and may produce different data summarizations.Use SHA1 that following benefit is arranged: can not be from data summarization restored data; Two different data can not produce same data summarization.Safe and secret with regard to having guaranteed in upgrade software, to accomplish like this.
Be elaborated with reference to accompanying drawing below in conjunction with embodiment, so that technical characterictic of the present invention and advantage are carried out more deep annotation.
Software flow pattern of the present invention as shown in Figure 1, a kind of on-line software updating method, its step is as follows:
Step 3.1, use SHA1 data summarization algorithm carry out computing to software document, generate the data summarization of 20 bytes;
Step 3.2, use RSA DEA are encrypted 20 byte datas summary with PKI, and data encrypted are left in the independent file;
Step 3.3, software document and corresponding encrypt file are placed on the webserver;
Step 4.1, product end system are connected to the webserver, download software document and corresponding encrypt file;
Step 4.2, use RSA DEA are decrypted the encrypt file of downloading with private key, obtain the data summarization A of 20 bytes;
Step 4.3, use SHA1 data summarization algorithm carry out computing to the downloaded software file, obtain the data summarization B of 20 bytes;
Step 4.4, comparing data summary A and data summarization B identically think that then software document is a complete sum safety, can be used for upgrading, otherwise think that software document is wrong, abandon upgrading;
The network of indication of the present invention is network application environments such as internet, 3G network, GPRS.The data summarization algorithm of indication of the present invention except SHA1, also has CRC32, MD4, MD5, SHA256, SHA384, SHA512, RIPEMD, PANAMA, TIGER, ADLER32 scheduling algorithm.The DEA of indication of the present invention except RSA, also has DES, AES, DSA scheduling algorithm.
User's mobile phone, Web TV, set-top box, when electronic products such as player need be upgraded, only need the user click software systems online upgrading after, then the product end system is connected to the webserver automatically, download software document and corresponding encrypt file, the RSA DEA function of utilizing the product end system to carry then, with private key the encrypt file of downloading is decrypted, obtain the data summarization A of 20 bytes, re-use SHA1 data summarization algorithm, the downloaded software file is carried out computing, obtain the data summarization B of 20 bytes, last comparing data summary A and data summarization B identically think that then software document is a complete sum safety, can be used for upgrading, otherwise think that software document is wrong, abandon upgrading.Whole software online upgrading process is safe and secret, and finishes automatically, does not need the user to be provided with once more, makes the relieved use of user security.
Claims (2)
1. on-line software updating method, step is as follows:
Step 1, use RSA Algorithm generate a pair of PKI and private key;
Step 2, PKI is placed on network server end, private key is placed in the software systems of product;
Step 3, carry out following setting in network server end,
Step 3.1, use SHA1 data summarization algorithm carry out computing to software document, generate the data summarization of 20 bytes;
Step 3.2, use RSA DEA are encrypted 20 byte datas summary with PKI, and data encrypted are left in the independent file;
Step 3.3, software document and corresponding encrypt file are placed on the webserver;
Step 4, at the product end, when the needs upgrade software,
Step 4.1, product end system are connected to the webserver, download software document and corresponding encrypt file;
Step 4.2, use RSA DEA are decrypted the encrypt file of downloading with private key, obtain the data summarization A of 20 bytes;
Step 4.3, use SHA1 data summarization algorithm carry out computing to the downloaded software file, obtain the data summarization B of 20 bytes;
Step 4.4, comparing data summary A and data summarization B identically think that then software document is a complete sum safety, can be used for upgrading, otherwise think that software document is wrong, abandon upgrading;
Step 5, EP (end of program).
2. on-line software updating method according to claim 1 is characterized in that: described network is internet, 3G network, GPRS network.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010105465596A CN102082784A (en) | 2010-11-11 | 2010-11-11 | Method for upgrading software on line |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN2010105465596A CN102082784A (en) | 2010-11-11 | 2010-11-11 | Method for upgrading software on line |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN102082784A true CN102082784A (en) | 2011-06-01 |
Family
ID=44088536
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN2010105465596A Pending CN102082784A (en) | 2010-11-11 | 2010-11-11 | Method for upgrading software on line |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN102082784A (en) |
Cited By (17)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102547454A (en) * | 2011-12-30 | 2012-07-04 | 四川长虹电器股份有限公司 | Data replication method for STB (Set Top Box) |
| CN103345602A (en) * | 2013-06-14 | 2013-10-09 | 腾讯科技(深圳)有限公司 | Client-side code integrality detection method, device and system |
| CN104348578A (en) * | 2013-08-02 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Data processing method and device |
| CN104486355A (en) * | 2014-12-30 | 2015-04-01 | 大连楼兰科技股份有限公司 | Method and device for preventing malicious manipulation of codes |
| CN104506515A (en) * | 2014-12-17 | 2015-04-08 | 北京极科极客科技有限公司 | Firmware protection method and firmware protection device |
| CN104732138A (en) * | 2014-12-31 | 2015-06-24 | 深圳市元征科技股份有限公司 | Diagnostic equipment upgrading method and diagnostic equipment |
| CN104850445A (en) * | 2015-06-05 | 2015-08-19 | 东信和平科技股份有限公司 | Safe software upgrading method, device and system |
| CN104980410A (en) * | 2014-04-14 | 2015-10-14 | 领步科技集团有限公司 | Encryption method for remote upgrading of software of on-line power quality monitoring equipment |
| CN105656859A (en) * | 2014-11-18 | 2016-06-08 | 航天信息股份有限公司 | Secure online upgrade method and system for tax control equipment software |
| CN105740699A (en) * | 2016-03-04 | 2016-07-06 | 浙江大华技术股份有限公司 | Executable program protection method and device |
| CN103873440B (en) * | 2012-12-11 | 2017-03-22 | 北京旋极信息技术股份有限公司 | Application program upgrading method and system |
| WO2018032573A1 (en) * | 2016-08-18 | 2018-02-22 | 中兴通讯股份有限公司 | Data processing method, apparatus, server and terminal |
| CN107784226A (en) * | 2016-08-25 | 2018-03-09 | 大连楼兰科技股份有限公司 | The method and system that code is maliciously tampered are prevented using rivest, shamir, adelman |
| CN109460247A (en) * | 2018-12-17 | 2019-03-12 | 深圳创维数字技术有限公司 | Software packet upgrade method, software client, storage medium and device |
| CN110069729A (en) * | 2017-11-15 | 2019-07-30 | 百度在线网络技术(北京)有限公司 | A kind of offline cache method and system of application |
| CN111177707A (en) * | 2019-12-27 | 2020-05-19 | 智车优行科技(北京)有限公司 | Method and system for carrying out security inspection on application installation and application server |
| CN111309360A (en) * | 2020-02-07 | 2020-06-19 | 腾讯科技(深圳)有限公司 | Firmware updating method and device of quick charging equipment, computer equipment and storage medium |
Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1550115A (en) * | 2001-08-30 | 2004-11-24 | 摩托罗拉公司 | Method of verifying downloaded software and corresponding device |
| CN101149775A (en) * | 2006-09-20 | 2008-03-26 | 展讯通信(上海)有限公司 | Encryption and decryption method for realizing hardware and software binding |
-
2010
- 2010-11-11 CN CN2010105465596A patent/CN102082784A/en active Pending
Patent Citations (2)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN1550115A (en) * | 2001-08-30 | 2004-11-24 | 摩托罗拉公司 | Method of verifying downloaded software and corresponding device |
| CN101149775A (en) * | 2006-09-20 | 2008-03-26 | 展讯通信(上海)有限公司 | Encryption and decryption method for realizing hardware and software binding |
Cited By (27)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN102547454B (en) * | 2011-12-30 | 2014-04-16 | 四川长虹电器股份有限公司 | Data replication method for STB (Set Top Box) |
| CN102547454A (en) * | 2011-12-30 | 2012-07-04 | 四川长虹电器股份有限公司 | Data replication method for STB (Set Top Box) |
| CN103873440B (en) * | 2012-12-11 | 2017-03-22 | 北京旋极信息技术股份有限公司 | Application program upgrading method and system |
| CN103345602B (en) * | 2013-06-14 | 2015-08-19 | 腾讯科技(深圳)有限公司 | A kind of client-side code integrality detection, device and system |
| CN103345602A (en) * | 2013-06-14 | 2013-10-09 | 腾讯科技(深圳)有限公司 | Client-side code integrality detection method, device and system |
| US10083028B2 (en) | 2013-06-14 | 2018-09-25 | Tencent Technology (Shenzhen) Company Limited | Method, apparatus and system for verifying code integrity on clients |
| US10481905B2 (en) | 2013-06-14 | 2019-11-19 | Tencent Technology (Shenzhen) Company Limited | Method, apparatus and system for verifying code integrity on clients |
| CN104348578A (en) * | 2013-08-02 | 2015-02-11 | 腾讯科技(深圳)有限公司 | Data processing method and device |
| CN104348578B (en) * | 2013-08-02 | 2019-01-29 | 腾讯科技(深圳)有限公司 | The method and device of data processing |
| CN104980410A (en) * | 2014-04-14 | 2015-10-14 | 领步科技集团有限公司 | Encryption method for remote upgrading of software of on-line power quality monitoring equipment |
| CN105656859B (en) * | 2014-11-18 | 2020-08-11 | 航天信息股份有限公司 | Tax control equipment software safety online upgrading method and system |
| CN105656859A (en) * | 2014-11-18 | 2016-06-08 | 航天信息股份有限公司 | Secure online upgrade method and system for tax control equipment software |
| CN104506515A (en) * | 2014-12-17 | 2015-04-08 | 北京极科极客科技有限公司 | Firmware protection method and firmware protection device |
| CN104486355A (en) * | 2014-12-30 | 2015-04-01 | 大连楼兰科技股份有限公司 | Method and device for preventing malicious manipulation of codes |
| CN104732138A (en) * | 2014-12-31 | 2015-06-24 | 深圳市元征科技股份有限公司 | Diagnostic equipment upgrading method and diagnostic equipment |
| CN104850445A (en) * | 2015-06-05 | 2015-08-19 | 东信和平科技股份有限公司 | Safe software upgrading method, device and system |
| CN105740699B (en) * | 2016-03-04 | 2018-12-07 | 浙江大华技术股份有限公司 | A kind of guard method of executable program and device |
| CN105740699A (en) * | 2016-03-04 | 2016-07-06 | 浙江大华技术股份有限公司 | Executable program protection method and device |
| WO2018032573A1 (en) * | 2016-08-18 | 2018-02-22 | 中兴通讯股份有限公司 | Data processing method, apparatus, server and terminal |
| CN107784226A (en) * | 2016-08-25 | 2018-03-09 | 大连楼兰科技股份有限公司 | The method and system that code is maliciously tampered are prevented using rivest, shamir, adelman |
| CN110069729A (en) * | 2017-11-15 | 2019-07-30 | 百度在线网络技术(北京)有限公司 | A kind of offline cache method and system of application |
| CN110069729B (en) * | 2017-11-15 | 2022-07-01 | 上海优扬新媒信息技术有限公司 | Offline caching method and system for application |
| CN109460247A (en) * | 2018-12-17 | 2019-03-12 | 深圳创维数字技术有限公司 | Software packet upgrade method, software client, storage medium and device |
| CN109460247B (en) * | 2018-12-17 | 2021-08-17 | 深圳创维数字技术有限公司 | Software package upgrading method, software client, storage medium and device |
| CN111177707A (en) * | 2019-12-27 | 2020-05-19 | 智车优行科技(北京)有限公司 | Method and system for carrying out security inspection on application installation and application server |
| CN111309360A (en) * | 2020-02-07 | 2020-06-19 | 腾讯科技(深圳)有限公司 | Firmware updating method and device of quick charging equipment, computer equipment and storage medium |
| CN111309360B (en) * | 2020-02-07 | 2022-06-28 | 腾讯科技(深圳)有限公司 | Firmware updating method and device of quick charging equipment, computer equipment and storage medium |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN102082784A (en) | Method for upgrading software on line | |
| CN103460195B (en) | For the system and method for security software update | |
| CN101145906B (en) | Method and system for authenticating legality of receiving terminal in unidirectional network | |
| CN103229451B (en) | For the method and apparatus that the key of hardware device is supplied | |
| CN102281300B (en) | Digital rights management license distribution method and system, server and terminal | |
| CN1960363B (en) | Method and equipment for implementing remote updating information security devices through network | |
| US20120170740A1 (en) | Content protection apparatus and content encryption and decryption apparatus using white-box encryption table | |
| CN108595198B (en) | Safe firmware updating method | |
| CN103595698B (en) | Management method for digital rights | |
| CN107423626B (en) | Method for updating trust chain of BIOS (basic input output System) based on continuous Hash value | |
| CN106789075B (en) | POS digital signature anti-cutting system | |
| CN111382397B (en) | Configuration method of upgrade software package, software upgrade method, equipment and storage device | |
| CN113346997B (en) | Method and device for communication of Internet of things equipment, Internet of things equipment and server | |
| CN102567685A (en) | Software copyright protection method based on asymmetric public key password system | |
| CN103825724A (en) | Identification type password system and method for updating and recovering private key automatically | |
| CN111124453B (en) | Method for upgrading firmware program of terminal equipment | |
| CN115795513A (en) | File encryption method, file decryption method, file encryption device, file decryption device and equipment | |
| CN104135531B (en) | A kind of upgrade method and device of Web softwares | |
| CN101808100B (en) | Method and system for solving replay of remote update of information safety device | |
| US20060064593A1 (en) | Technique for preventing illegal invocation of software programs | |
| WO2018033017A1 (en) | Terminal state conversion method and system for credit granting | |
| CN113840262A (en) | Over-the-air updating method, updating server, terminal equipment and Internet of things system | |
| CN107809426B (en) | Data information verification method and system | |
| CN106571928B (en) | A kind of method and device of browser administration | |
| CN115766270A (en) | File decryption method, file encryption method, key management method, device and equipment |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C12 | Rejection of a patent application after its publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20110601 |