CN103902887A - Method and device for identifying file source through signature - Google Patents
Method and device for identifying file source through signature Download PDFInfo
- Publication number
- CN103902887A CN103902887A CN201210568020.XA CN201210568020A CN103902887A CN 103902887 A CN103902887 A CN 103902887A CN 201210568020 A CN201210568020 A CN 201210568020A CN 103902887 A CN103902887 A CN 103902887A
- Authority
- CN
- China
- Prior art keywords
- database
- name
- signer
- cryptographic hash
- android program
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/52—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
- G06F21/54—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/03—Indexing scheme relating to G06F21/50, monitoring users, programs or devices to maintain the integrity of platforms
- G06F2221/033—Test or assess software
Abstract
The invention discloses a method and a device for identifying a file source through a signature, wherein the method comprises the steps of extracting a digital signature and a package name of an android program; and judging whether the android program is a safe program or not according to the digital signature and signature information corresponding to the package name in the database. The digital signature information corresponding to the entry is searched in the database through the packet name, whether the android program is the modified android program or not can be judged by comparing the corresponding signature information with the extracted digital signature information, the source of the android program can be determined before the program is not installed, and the equipment safety and the use safety of a user are protected.
Description
Technical field
The present invention relates to field of information security technology, especially a kind of method and apparatus of identifying Android document source by signature.
Background technology
Due to the increasing income property of Android system, its safety problem is also followed.In recent years, use the equipment of Android system more and more, thing followed safety issue is also more and more.At present, the supervision of the Android application program on market is not yet in place, some unique wrights tend to revise the Android program of official, add therein some malicious codes or some can realize the code of its object, and then packing and issuing are downloaded for user.Due to the problem of supervision disappearance, some users also do not know the installation kit that these have added not clear code, download these installation procedures that were modified and use from some not clear channels.Will cause like this problems such as information security, the loss of user's rate, electronic equipment irregular operating.
Summary of the invention
Object of the present invention, overcome exactly the deficiencies in the prior art, a kind of method and apparatus of identifying Android document source by signature is provided, the present invention and device can judge the source of Android program, before installation, just can learn that whether Android program is the program from official, and whether be modified.
In order to achieve the above object, adopt following technical scheme:
By the method in signature authenticating document source, described file is Android program, comprises the following steps: digital signature and the bag name of extracting described Android program; Judge according to the digital signature digital signature information corresponding with this bag name in database whether described Android program is security procedure.
Further, described method specifically comprises the following steps: extract the bag name of described Android program and the cryptographic hash of digital signature; According to the cryptographic hash of extracting this bag name correspondence in Bao Mingcong hash database, the cryptographic hash of described Android program and cryptographic hash comparison corresponding in hash database, if identical, judge that described Android program is security procedure.
Further, described method specifically comprises the following steps:
Extract the bag name of described Android program, the cryptographic hash of digital signature, signer's name;
According to the cryptographic hash of extracting this bag name correspondence in Bao Mingcong hash database, from signer's database, extract signer's name of this bag name correspondence;
Signer's name of the digital signature of described Android program and signer's name comparison corresponding in signer's database, if identical, carry out next step; If different, described Android program is insincere program;
The cryptographic hash of the digital signature of described Android program and cryptographic hash comparison corresponding in hash database, if identical, described Android program is security procedure.
By the device in signature document of identify source, described file is Android program, comprises extraction module, for extracting digital signature and the bag name of described Android program; Judge module, for judging according to signing messages corresponding to this bag name of digital signature and database whether described Android program is security procedure.
Further, described database comprises hash database, the cryptographic hash corresponding with this bag name that prestore in described hash database, the cryptographic hash comparison of the digital signature that described cryptographic hash and extraction module extract; If cryptographic hash corresponding in hash database is identical with the cryptographic hash that extraction module extracts, judge module judges that described Android program is security procedure.
Further, described database comprises hash database and signer's database; In described hash database, prestore and wrap a corresponding cryptographic hash, described cryptographic hash is used for the cryptographic hash comparison of the digital signature of extracting with extraction module; In described signer's database, prestore and wrap corresponding signer's name, described signer's name is used for signer's name comparison of the digital signature of extracting with extraction module; If the cryptographic hash of correspondence is identical with the cryptographic hash that extraction module extracts in hash database, and in signer's database of names, signer's name of correspondence is identical with signer's name that extraction module extracts, and judge module judges that described Android program is security procedure.
Further, described judge module first judges that whether signer's name of described Android program is identical with signer's name corresponding in hash database, if identical, whether the cryptographic hash that judges again described Android program is identical with cryptographic hash corresponding in hash database, if identical, described Android program is security procedure.
Further, described signer's name is exabyte.
Compared with prior art, beneficial effect of the present invention is:
Confirm the source of described Android program by judging cryptographic hash in the digital signature of Android program.Because cryptographic hash has uniqueness; therefore by with the default cryptographic hash comparison of extracting from official's program; can judge whether described Android program is without the Android program of changing; before described program is not installed, just can determine the legitimacy of this Android program, protected user's device security and used safety.
In addition, can investigate out to a certain extent the Android program of unofficial signature in conjunction with signer's information.
Accompanying drawing explanation
Fig. 1 is the flow chart of steps of the method for passing through signature authenticating document source of the embodiment of the present invention one;
Fig. 2 is the structural representation of the device that passes through signature authenticating document source of the embodiment of the present invention one;
Fig. 3 is the flow chart of steps of the method for passing through signature authenticating document source of the embodiment of the present invention two;
Fig. 4 is the structural representation of the device that passes through signature authenticating document source of the embodiment of the present invention two.
Diagram: 1-extraction module; 2-judge module; 3-hash database; 4-signer database.
Embodiment
Describe the present invention in detail below in conjunction with accompanying drawing and specific implementation method, be used for explaining the present invention in exemplary embodiment and description of the present invention, but not as a limitation of the invention.
Embodiment mono-
Refer to Fig. 1, the flow chart of steps of the method in what it was the present embodiment pass through signature authenticating document source.It mainly comprises the following steps:
S10: extract the bag name of Android program and the cryptographic hash of digital signature.
Particularly, all application programs that are installed to Android system all must have a digital certificate, and this digital certificate is for author and the relation that breaks the wall of mistrust between application program of identification application.This digital certificate is that digital signature includes signer's name and Hash information.Each Android program must have signature to be identified by Android system, could obtain authority is installed.Cryptographic hash in each digital signature is unique, is similar to the MAC Address in network interface card.The cryptographic hash of extracting Android program can realize by one group of disclosed algorithm, and the implementation tool on PC is " openssl ", and this instrument is the instrument of source code exploitation.The bag name of Android program is set by this Android program owner.For example, the bag of the micro-letter of Tengxun " com.tencent.mm " by name.
S20: judge that whether the cryptographic hash of the described Android program cryptographic hash corresponding with hash database be identical, if identical, described Android program is security procedure.
Particularly, database comprises hash database.Cryptographic hash prestores in described hash database.This cryptographic hash is the cryptographic hash of extracting in the official's Android program obtaining from safe channel, and it is corresponding to bag name.Because cryptographic hash has global uniqueness, the cryptographic hash of these officials is for the cryptographic hash comparison with the digital signature of extracting.If identical with the cryptographic hash of bag corresponding official's cryptographic hash and extraction in hash database, the security procedure that described Android program is official.If different, illustrate that this Android program distorted by third party, be trustless program.
Refer to Fig. 2, it is the structural representation of the device that passes through signature authenticating document source of the embodiment of the present invention one.
This enforcement differentiate the device in Android program source by signature, comprise the extraction module 1 of the digital signature for extracting described Android program and for judging according to the signing messages of digital signature and presetting database whether described Android program is the judge module 2 of security procedure.Described presetting database comprises hash database 3, and cryptographic hash prestores in described hash database 3.These cryptographic hash are to extract from regular channel (official website), have uniqueness.It is for the cryptographic hash comparison of the digital signature extracted with extraction module 1.If the cryptographic hash that in hash database 3, the cryptographic hash corresponding with the bag name of described Android program and extraction module 1 extract is identical, judge module 2 judges that described Android program is security procedure.
The present embodiment extracts Hash information as the source of confirming Android program from digital signature, utilizes unique feature of cryptographic hash to judge whether Android program is the program of official's safety.After can avoiding third party to change official's program, be published in market and download for user again, the source of this program of user's None-identified, and the problem of whether being changed.
Embodiment bis-
Refer to Fig. 3, the flow chart of steps of the method in what it was the present embodiment pass through signature authenticating document source.It mainly comprises the following steps:
S10: extract the bag name of described Android program, the cryptographic hash of digital signature, signer's name.
Particularly, the digital signature in Android program, except comprising cryptographic hash, also comprises the signer's name to this program signature.Utilize openssl instrument to extract cryptographic hash and signer's name of digital signature.Preferably, described signer's name is exabyte.Signer's name is the source that exabyte can judge Android program effectively.Be different from idiographic property complicated and changeable.The signature of exabyte has relative stability, and the Android program generally with company's signature is Android program trusty.The bag name of Android program is set by this Android program owner.For example, the bag of the micro-letter of Tengxun " com.tencent.mm " by name.
S20: whether the signer's name that judges described Android program is identical with signer's name corresponding in signer's database, if different, described Android program is trustless program; If identical, carry out next step.
Particularly, after step S10, first judge that whether signer's name of digital signature of Android program is identical with signer's name corresponding in signer's database.If identical, then carry out step S30.If different, this Android program is passed through unofficial modification certainly, and described Android program is insincere.In signer's database, corresponding one of each signer's name wraps name above.By searching bag name, can find signer's name corresponding to bag name.For example bag " com.tencent.mm " by name, its corresponding signer's name is company of Tengxun.
S30: whether the cryptographic hash of digital signature that judges described Android program is identical with cryptographic hash corresponding in hash database, if with, described Android program is security procedure; If different, described Android program is trustless program.
The method of judgement and principle and judgement signer name is similar herein, does not repeat them here.
Refer to Fig. 4, it is the structural representation of the device that passes through signature authenticating document source of the embodiment of the present invention two.
The difference of the present embodiment and embodiment mono-is: extraction module 1 extracts cryptographic hash and the signer's name in the digital signature of described Android program, and described database also comprises signer's database 4.Preferably, described signer's name is exabyte.Judge module 2 first judges that whether signer's name of the digital signature that extraction module 1 extracts is identical with signer's name corresponding in signer's database 4.If different, described Android program is trustless program.If identical, then judge that whether the cryptographic hash of the digital signature that extraction module 1 extracts is identical with cryptographic hash corresponding in hash database 3, if identical, the security procedure that described Android program is official.
The present embodiment first judges signer's name, can get rid of the different Android program of a part of signer's name, saves the follow-up judgement time.In the situation that signer's name is identical again, judge by the uniqueness of cryptographic hash whether described Android program is normal official program, prevent that official's installation of being revised by third party from entering in equipment to damage, and causes user's loss.
The technical scheme above embodiment of the present invention being provided is described in detail, applied principle and the embodiment of specific case to the embodiment of the present invention herein and set forth, the explanation of above embodiment is only applicable to help to understand the principle of the embodiment of the present invention; , for one of ordinary skill in the art, according to the embodiment of the present invention, in embodiment and range of application, all will change, in sum, this description should not be construed as limitation of the present invention meanwhile.
Claims (8)
1. by the method in signature authenticating document source, described file is Android program, it is characterized in that, comprises the following steps:
Extract digital signature and the bag name of described Android program;
Judge according to the digital signature digital signature information corresponding with this bag name in database whether described Android program is security procedure.
2. method of originating by signature authenticating document according to claim 1, is characterized in that, specifically comprises the following steps: extract the bag name of described Android program and the cryptographic hash of digital signature; According to the cryptographic hash of extracting this bag name correspondence in Bao Mingcong hash database, the cryptographic hash of described Android program and cryptographic hash comparison corresponding in hash database, if identical, judge that described Android program is security procedure.
3. method of originating by signature authenticating document according to claim 1, is characterized in that, specifically comprises the following steps:
Extract the bag name of described Android program, the cryptographic hash of digital signature, signer's name;
According to the cryptographic hash of extracting this bag name correspondence in Bao Mingcong hash database, from signer's database, extract signer's name of this bag name correspondence;
Signer's name of the digital signature of described Android program and signer's name comparison corresponding in signer's database, if identical, carry out next step; If different, described Android program is insincere program;
The cryptographic hash of the digital signature of described Android program and cryptographic hash comparison corresponding in hash database, if identical, described Android program is security procedure.
4. by the device in signature document of identify source, described file is Android program, it is characterized in that: comprise extraction module, for extracting digital signature and the bag name of described Android program; Judge module, for judging according to signing messages corresponding to this bag name of digital signature and database whether described Android program is security procedure.
5. according to claim 4 by the device in signature document of identify source, it is characterized in that: described database comprises hash database, the cryptographic hash corresponding with this bag name that prestore in described hash database, the cryptographic hash comparison of the digital signature that described cryptographic hash and extraction module extract; If cryptographic hash corresponding in hash database is identical with the cryptographic hash that extraction module extracts, judge module judges that described Android program is security procedure.
6. according to claim 4 by the device in signature authenticating document source, it is characterized in that: described database comprises hash database and signer's database; In described hash database, prestore and wrap a corresponding cryptographic hash, described cryptographic hash is used for the cryptographic hash comparison of the digital signature of extracting with extraction module; In described signer's database, prestore and wrap corresponding signer's name, described signer's name is used for signer's name comparison of the digital signature of extracting with extraction module; If the cryptographic hash of correspondence is identical with the cryptographic hash that extraction module extracts in hash database, and in signer's database of names, signer's name of correspondence is identical with signer's name that extraction module extracts, and judge module judges that described Android program is security procedure.
7. according to claim 6 by the device in signature authenticating document source, it is characterized in that: described judge module first judges that whether signer's name of described Android program is identical with signer's name corresponding in hash database, if identical, whether the cryptographic hash that judges again described Android program is identical with cryptographic hash corresponding in hash database, if identical, described Android program is security procedure.
8. according to the device that passes through signature authenticating document source described in claim 5 or 6 or 7, it is characterized in that: described signer's name is exabyte.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210568020.XA CN103902887A (en) | 2012-12-24 | 2012-12-24 | Method and device for identifying file source through signature |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201210568020.XA CN103902887A (en) | 2012-12-24 | 2012-12-24 | Method and device for identifying file source through signature |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN103902887A true CN103902887A (en) | 2014-07-02 |
Family
ID=50994199
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201210568020.XA Pending CN103902887A (en) | 2012-12-24 | 2012-12-24 | Method and device for identifying file source through signature |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN103902887A (en) |
Cited By (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104200163A (en) * | 2014-08-27 | 2014-12-10 | 哈尔滨工业大学(威海) | Virus detection method and virus detection engine |
| CN105608369A (en) * | 2015-10-30 | 2016-05-25 | 周奇 | Application software installation method and apparatus |
| CN106096388A (en) * | 2016-05-31 | 2016-11-09 | 北京小米移动软件有限公司 | A kind of code security processing method, device, terminal unit and system |
| CN106295350A (en) * | 2015-06-04 | 2017-01-04 | 联想移动通信软件(武汉)有限公司 | Auth method, device and the terminal of a kind of credible execution environment |
| WO2017028729A1 (en) * | 2015-08-19 | 2017-02-23 | 北京金山安全软件有限公司 | Method, apparatus, and electronic device for determining whether an application program is an authorized application program |
| CN107256173A (en) * | 2017-06-28 | 2017-10-17 | 广东欧珀移动通信有限公司 | One kind application installation method, mobile terminal and computer-readable recording medium |
| CN107368735A (en) * | 2017-07-24 | 2017-11-21 | 广东欧珀移动通信有限公司 | One kind applies installation method, mobile terminal and computer-readable recording medium |
| CN108134676A (en) * | 2017-12-19 | 2018-06-08 | 上海闻泰电子科技有限公司 | Android system safe starting method and readable storage medium storing program for executing |
| CN108155995A (en) * | 2016-12-02 | 2018-06-12 | 中国移动通信有限公司研究院 | A kind of authentication method and system, mobile terminal, certificate server |
| CN108319823A (en) * | 2018-02-02 | 2018-07-24 | 广东蜂助手网络技术股份有限公司 | A kind of Android APP signature binding method and device |
| CN114547593A (en) * | 2020-11-18 | 2022-05-27 | 成都鼎桥通信技术有限公司 | Terminal application authentication method, device and equipment |
-
2012
- 2012-12-24 CN CN201210568020.XA patent/CN103902887A/en active Pending
Cited By (16)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN104200163A (en) * | 2014-08-27 | 2014-12-10 | 哈尔滨工业大学(威海) | Virus detection method and virus detection engine |
| CN106295350A (en) * | 2015-06-04 | 2017-01-04 | 联想移动通信软件(武汉)有限公司 | Auth method, device and the terminal of a kind of credible execution environment |
| CN106295350B (en) * | 2015-06-04 | 2019-12-10 | 摩托罗拉移动通信软件(武汉)有限公司 | identity verification method and device of trusted execution environment and terminal |
| WO2017028729A1 (en) * | 2015-08-19 | 2017-02-23 | 北京金山安全软件有限公司 | Method, apparatus, and electronic device for determining whether an application program is an authorized application program |
| CN105608369B (en) * | 2015-10-30 | 2019-06-25 | 周奇 | The installation method and device of application software |
| CN105608369A (en) * | 2015-10-30 | 2016-05-25 | 周奇 | Application software installation method and apparatus |
| CN106096388A (en) * | 2016-05-31 | 2016-11-09 | 北京小米移动软件有限公司 | A kind of code security processing method, device, terminal unit and system |
| CN106096388B (en) * | 2016-05-31 | 2019-04-16 | 北京小米移动软件有限公司 | A kind of code security processing method, device, terminal device and system |
| CN108155995A (en) * | 2016-12-02 | 2018-06-12 | 中国移动通信有限公司研究院 | A kind of authentication method and system, mobile terminal, certificate server |
| CN107256173A (en) * | 2017-06-28 | 2017-10-17 | 广东欧珀移动通信有限公司 | One kind application installation method, mobile terminal and computer-readable recording medium |
| CN107256173B (en) * | 2017-06-28 | 2020-03-20 | Oppo广东移动通信有限公司 | Application installation method, mobile terminal and computer readable storage medium |
| CN107368735A (en) * | 2017-07-24 | 2017-11-21 | 广东欧珀移动通信有限公司 | One kind applies installation method, mobile terminal and computer-readable recording medium |
| CN107368735B (en) * | 2017-07-24 | 2020-03-20 | Oppo广东移动通信有限公司 | Application installation method, mobile terminal and computer readable storage medium |
| CN108134676A (en) * | 2017-12-19 | 2018-06-08 | 上海闻泰电子科技有限公司 | Android system safe starting method and readable storage medium storing program for executing |
| CN108319823A (en) * | 2018-02-02 | 2018-07-24 | 广东蜂助手网络技术股份有限公司 | A kind of Android APP signature binding method and device |
| CN114547593A (en) * | 2020-11-18 | 2022-05-27 | 成都鼎桥通信技术有限公司 | Terminal application authentication method, device and equipment |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN103902887A (en) | Method and device for identifying file source through signature | |
| CN1707999B (en) | Distributed management of a certificate revocation list | |
| CN109802825A (en) | A kind of data encryption, the method for decryption, system and terminal device | |
| EP2775660B1 (en) | Message authentication method in communication system and communication system | |
| CN110661680B (en) | Method and system for detecting data stream white list based on regular expression | |
| JP6218184B2 (en) | Information processing apparatus and message authentication method | |
| CN104484607A (en) | Universal method and universal system for performing safety testing on Android application programs | |
| CN106533658A (en) | URL tamper-proofing signature and signature verification method based on MD5 algorithm | |
| CN109634615B (en) | Issuing method, verification method and device of application installation package | |
| CN112199644A (en) | Mobile terminal application program safety detection method, system, terminal and storage medium | |
| CN105873044B (en) | application program publishing method based on android platform, developer tracing method and device | |
| CN108352991B (en) | Information processing apparatus and unauthorized message detection method | |
| JP2005100347A (en) | Program creation apparatus | |
| CN111327561B (en) | Authentication method, system, authentication server, and computer-readable storage medium | |
| KR101492514B1 (en) | Method, apparatus and system for employing a secure content protection system | |
| Kim et al. | Shadowauth: Backward-compatible automatic can authentication for legacy ecus | |
| CN107948973B (en) | Equipment fingerprint generation method applied to IOS (input/output system) for security risk control | |
| CN108052836B (en) | Anti-tampering method and device for patch package and server | |
| CN104410153B (en) | IEC62351 intelligent substation process layer intelligent electronic device communication method and communication system | |
| CN106936834B (en) | Method for intrusion detection of IEC61850 digital substation SMV message | |
| KR20130100032A (en) | Method for distributting smartphone application by using code-signing scheme | |
| CN101795268B (en) | Method and device for enhancing security of user-based security model | |
| Carsten et al. | A system to recognize intruders in controller area network (can) | |
| CN113169883B (en) | Method and device for verifying digital certificate | |
| CN113259315B (en) | Communication message safety protection method and system suitable for power distribution network |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20140702 |
|
| RJ01 | Rejection of invention patent application after publication |