CN106599620A - Binary software protection method based on dynamic code conversion - Google Patents

Binary software protection method based on dynamic code conversion

Info

Publication number
CN106599620A
Authority
CN
China
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201611009332.1A
Other languages
Chinese (zh)
Inventor
张怡
徐彬彬
糜娴雅
唐勇
喻波
解炜
杨强
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
National University of Defense Technology
Original Assignee
National University of Defense Technology

Classifications

    • G: PHYSICS
    • G06: COMPUTING; CALCULATING OR COUNTING
    • G06F: ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00: Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10: Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/12: Protecting executable software
    • G06F21/121: Restricting unauthorised execution of programs
    • G06F21/125: Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a binary software protection method based on dynamic code conversion. The method comprises the following steps: S1: extracting the basic blocks of the code to be protected to obtain pieces; S2: processing the pieces: dividing all pieces equally into two parts, an upper half and a lower half, randomly selecting some pieces in the upper half and initializing them in the ciphertext state, the remaining pieces of the corresponding lower half then being in the ciphertext state; and S3: inserting a decryption function: inserting a jump to the decryption function at the tail of every piece, the decryption function decrypting, at run time, the next piece that is about to be executed. The method has the advantages of a simple principle, easy implementation, efficient execution and strong protection.

Description

A binary software protection method based on dynamic code conversion
Technical field
The present invention relates generally to the field of computer system security and software protection technology, and in particular to a binary software protection method based on dynamic code conversion.
Background
As software becomes ever easier to distribute and copy, security problems such as cracking, tampering and piracy are growing more serious. How to protect software intellectual property has become a problem in urgent need of a solution. Software analysis is the key step in cracking software: it is the process by which an attacker, by analyzing material such as the software's code and its run results, obtains information relevant to the software's security, such as its key algorithms and control flow. The key to software protection therefore lies in the design and implementation of methods against software reverse analysis.
Widely used software protection techniques today mainly include code obfuscation, tamper-proofing, dynamic encryption and decryption, software watermarking, and hardware-based protection such as dongles and CPU encryption. Among these, dynamic encryption and decryption can hide a program's internal information and defends well against static analysis; combined with particular algorithms it also gives good protection against dynamic analysis. It has low overhead, is efficient and is easy to implement, so it is commonly used in binary software protection systems and has been a focus of recent research on software protection methods.
Researchers have proposed several software protection techniques based on dynamic encryption and decryption that follow different approaches. Depending on the principle by which the dynamic encryption and decryption mechanism is implemented, they can be classified from different angles.
In terms of cipher strength, some methods simply replace instructions with random data, some use a simple cipher (XOR or ADD), and others use a complex cryptographic algorithm (such as TEA or AES). The encryption can accordingly be divided into three kinds: random replacement, simple encryption and complex encryption.
In terms of the manner of decryption, two aspects can be considered. First, whether decryption is whole or partial. Some methods encrypt the entire code body and decrypt it completely at run time, so the code is fully exposed in memory before it executes and is easily obtained by an attacker. Other methods decrypt code fragments on demand (usually with a function or a code segment as the unit), decrypting a given section of code only when execution reaches it. Second, whether the code is re-encrypted. If it is not re-encrypted after decryption, code that has become plaintext is easily obtained by an attacker. Methods that apply re-encryption keep only part of the code exposed as plaintext at any time and can effectively resist some dynamic analysis.
Summary of the invention
The technical problem to be solved by the present invention is the following: in view of the technical problems of the prior art, the present invention provides a binary software protection method based on dynamic code conversion that is simple in principle, easy to implement, efficient in execution and strong in protection.
To solve the above technical problem, the present invention adopts the following technical solution:
A binary software protection method based on dynamic code conversion, comprising the steps of:
S1: Extract the basic blocks of the code to be protected to obtain pieces;
S2: Process the pieces: divide all pieces into two parts, an upper half and a lower half; randomly choose some pieces in the upper half to be initially in the ciphertext state, and the remaining pieces of the corresponding lower half are then in the ciphertext state;
S3: Insert the decryption function: insert a jump to the decryption function at the end of every piece; the decryption function decrypts, at run time, the next piece that is about to be executed.
As a further improvement of the present invention: in step S1, when the number of basic blocks is not even, it is made even by adding a randomly filled basic block.
As a further improvement of the present invention: in step S1, the tail of each basic block is padded with random numbers so that all basic blocks have equal length.
As a further improvement of the present invention: in step S2, the ciphertext is obtained by XORing the corresponding pieces of the upper half and the lower half.
As a further improvement of the present invention: in step S3, the decryption function maintains the state of the running program, and each state is denoted by a sequence number.
As a further improvement of the present invention: the sequence number of each state is assigned according to the following rule: the starting sequence number is 0; let i be the sequence number at the previous operation, j the current sequence number, and k the sequence number after this operation completes. If this operation has the same direction as the previous operation, then k = i; if this operation has the opposite direction to the previous operation, then k = j + 1.
As a further improvement of the present invention: the decryption function maintains the direction of the last XOR and the last operation applied to the sequence number; according to the current state sequence number i, it computes state i or a particular state from the initial state, and then, according to that state, selects the operation needed to decrypt the next piece.
Compared with the prior art, the advantages of the present invention are:
1. The binary software protection method based on dynamic code conversion of the present invention (Dynamic Code Mutation Protection, DCMP for short) dynamically decrypts the code pieces that need to be executed without requiring the program fragments to have a specific linear execution order, which makes the method more concise and efficient while retaining cipher strength, and forms a dynamic mutation mechanism. DCMP assigns sequence numbers to all possible states of the program fragments to be protected and decrypts the code fragment to be executed by XORing fragments in a certain order. Because of this numbering mechanism, the method does not require the protected program fragments to have a specific linear execution order, so it is more flexible and more practical.
2. The binary software protection method based on dynamic code conversion of the present invention implements a fragment-level dynamic encryption and decryption mechanism. It combines dynamic encryption and decryption with code obfuscation to realize dynamic code conversion. There are two key points. The first is fragment encryption: the program is divided into code fragments of the same or different sizes, which are encrypted separately. The fragment granularity strongly affects both protection strength and program performance: the smaller the fragments, the higher the security but the greater the performance overhead, and vice versa. The second is on-demand decryption: given that the program is encrypted in fragments, only the code segment to be executed is decrypted each time, and it is re-encrypted after execution. At most a few code fragments are then in the plaintext state in memory, which effectively resists general dynamic debugging attacks.
3. The binary software protection method based on dynamic code conversion of the present invention uses a lightweight implementation. Unlike general binary protection strategies, the whole design is concise, easy to implement, efficient in execution and strong in protection; it balances and trades off protection strength against performance overhead, and results in a highly practical software protection.
Description of the drawings
Fig. 1 is a schematic flow chart of the method of the present invention.
Fig. 2 is a schematic diagram of the principle of slicing in a specific application example of the present invention.
Fig. 3 is a schematic diagram of the principle of initial encryption in a specific application example of the present invention.
Fig. 4 is a schematic diagram of the principle of sequence number assignment in a specific application example of the present invention.
Specific embodiment
The present invention is described in further detail below with reference to the drawings and specific embodiments.
As shown in Fig. 1, the steps of the binary software protection method based on dynamic code conversion of the present invention are:
S1: Extract the basic blocks of the code to be protected to obtain pieces;
When the number of basic blocks is not even, it is made even by adding a randomly filled basic block; the tail of each basic block is padded with random numbers so that all basic blocks have equal length. The results are called pieces; Fig. 2 shows a specific application example.
S2: Process the pieces;
All pieces are divided into two parts, called the upper half and the lower half. Some pieces in the upper half are randomly chosen to be initially in the ciphertext state, and the remaining pieces of the corresponding lower half are then in the ciphertext state.
The ciphertext is obtained by XORing the corresponding pieces of the upper half and the lower half.
As shown in Fig. 3, in the specific application example, pieces b and c of the upper half are chosen to be in the ciphertext state, so pieces e and h of the lower half are in the ciphertext state.
S3: Insert the decryption function;
A jump to the decryption function is inserted at the end of every piece; the decryption function decrypts, at run time, the next piece that is about to be executed.
The decryption function maintains the state of the running program, and each state is denoted by a sequence number. Denote all upper-half fragments as A and all lower-half fragments as B, with initial sequence number 0; the sequence numbers of all possible states are then as shown in Fig. 4.
As shown in Fig. 4, the sequence number of each state is assigned according to the following rule: the starting sequence number is 0; let i be the sequence number at the previous operation, j the current sequence number, and k the sequence number after this operation completes. If this operation has the same direction as the previous operation, then k = i; if this operation has the opposite direction to the previous operation, then k = j + 1. If |k| = 6, k is reset so that |k| < 6.
Under these operations, sequence number values correspond to states, so the sequence numbers -5, -4, ..., 0, 1, 2, ..., 5 can represent all 11 states. In addition, sequence number m and sequence number (6 - |m|) * (-m/|m|) correspond to equivalent states.
During execution, the decryption function maintains the direction of the last XOR (1 bit) and the last operation applied to the sequence number (2 bits). According to the current state sequence number i, it computes from the initial state either state i or the particular state (6 - |i|) * (-i/|i|) (one of the two, chosen at random), and then, according to that state, selects the operation needed to decrypt the next piece.
For example, all initial upper-half fragments before obfuscation are abstracted as x, the lower-half fragments are abstracted as y, and the result of every XOR operation is abstracted as z. As a further example, for the initial state, a, b, c are abstracted as x, d, e, f are abstracted as y, and the result of every XOR is abstracted as z; all abstract symbols then satisfy the following operations:
During execution, the decryption algorithm dynamically decrypts the piece that is about to be executed. For convenience, assume an initial state that is abstracted as { x, z, z | z, y, y }. If at some moment the code of b needs to be executed and the current state is -5, the algorithm proceeds as follows: starting from the initial state { x, z, z | z, y, y }, it computes the state with sequence number -5 or +1 (one of the two, chosen at random) and obtains { z, y, y | x, z, z }. Decrypting b at this point requires obtaining x either from y by XOR or from z by an operation; the decryption function randomly selects one of these two possibilities, performs the operation, and decrypts b.
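An added example, not code from the patent: a Python model of steps S1 and S2 and of the per-piece XOR decryption and re-encryption that the inserted decryption function performs for the piece about to run. The function names, the constructed sample basic-block bytes and the `encrypted` index set used to track which slots hold ciphertext are assumptions for illustration; the sequence-number state machine of Fig. 4 is not modelled.

```python
import random


def rand_bytes(rng, n):
    """n random filler bytes (tail padding and the filler block)."""
    return bytes(rng.getrandbits(8) for _ in range(n))


def xor(a, b):
    """Byte-wise XOR of two equal-length pieces."""
    return bytes(p ^ q for p, q in zip(a, b))


def make_pieces(basic_blocks, rng):
    """S1: pad every block's tail to a common length with random bytes and
    add one randomly filled block if the number of blocks is odd."""
    size = max(len(b) for b in basic_blocks)
    pieces = [b + rand_bytes(rng, size - len(b)) for b in basic_blocks]
    if len(pieces) % 2:
        pieces.append(rand_bytes(rng, size))
    return pieces


def protect(pieces, rng):
    """S2: pair upper piece i with lower piece half+i. For a randomly chosen
    set of upper pieces the upper slot stores the XOR of the pair; for every
    other pair the lower slot stores it. Returns (image, encrypted)."""
    half = len(pieces) // 2
    chosen = {i for i in range(half) if rng.random() < 0.5}
    image, encrypted = list(pieces), set()
    for i in range(half):
        slot = i if i in chosen else half + i
        image[slot] = xor(pieces[i], pieces[half + i])
        encrypted.add(slot)
    return image, encrypted


def partner(index, half):
    """Index of the piece paired with `index` in the other half."""
    return index + half if index < half else index - half


def run_piece(image, encrypted, index):
    """Model of the decryption function for one piece: decrypt the slot in
    place if it holds ciphertext, 'execute' it (here: return its bytes),
    then re-encrypt so the stored image returns to its previous state."""
    half = len(image) // 2
    was_encrypted = index in encrypted
    if was_encrypted:
        image[index] = xor(image[index], image[partner(index, half)])
        encrypted.discard(index)
    plaintext = image[index]  # both pieces of the pair are plaintext here
    if was_encrypted:
        image[index] = xor(image[index], image[partner(index, half)])
        encrypted.add(index)
    return plaintext


if __name__ == "__main__":
    rng = random.Random(2016)
    # Constructed sample "basic blocks" of unequal length (not real code).
    blocks = [b"\x55\x48\x89\xe5", b"\x31\xc0", b"\x48\x83\xec\x10\x90",
              b"\xc3", b"\xeb\xfe"]
    pieces = make_pieces(blocks, rng)
    image, encrypted = protect(pieces, rng)
    for idx, stored in enumerate(image):
        state = "ciphertext" if idx in encrypted else "plaintext "
        ok = run_piece(image, encrypted, idx) == pieces[idx]
        print(idx, state, stored.hex(), "decrypts correctly:", ok)
```

In every pair exactly one slot holds the XOR and the other holds plaintext, so the decryption function needs no separate key material: the stored partner piece is what recovers the hidden one.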
The binary software protection method based on dynamic code conversion of the present invention (DCMP, Dynamic Code Mutation Protection) is designed and implemented to meet the need for resistance to reverse analysis in software protection. It combines dynamic encryption and decryption with code obfuscation to protect the important parts, or the whole, of binary software, can effectively resist static analysis and dynamic analysis, and prevents the software's confidentiality from being compromised. The invention applies protection processing to the target binary code before it runs; when the processed code runs, the protected fragments are dynamically decrypted for execution and re-encrypted after execution.
In the method of the present invention, the key to the dynamic encryption process is fragment encryption: the program is divided into code fragments of the same or different sizes, which are encrypted separately. The fragment granularity strongly affects both protection strength and program performance: the smaller the fragments, the higher the security but the greater the performance overhead, and vice versa. The invention uses an on-demand dynamic decryption mechanism: given that the program is encrypted in fragments, only the code segment to be executed is decrypted at run time, and it is re-encrypted after execution. This keeps the time window in which protected code is exposed as plaintext as small as possible, so that at most a few code fragments are in the plaintext state in memory, which effectively resists dynamic debugging attacks. Unlike general binary protection methods, the method of the present invention is concise in design, easy to implement, efficient in execution and strong in protection; it balances and trades off protection strength against performance overhead, and results in a highly practical software protection.
As can be seen from the above, the binary software protection method DCMP based on dynamic code conversion of the present invention neatly solves the problem of non-linear program execution. By using fragment-level encryption and decryption, it ensures that some fragments of the critical code section are always in the encrypted state in memory, so the code section is never exposed in memory as a whole, which effectively increases the difficulty of static analysis for an attacker. DCMP can slice and effectively protect the critical code sections to be protected; an attacker cannot decrypt all the plaintext at once and finds it hard to analyze the program.
The above is only a preferred embodiment of the present invention; the scope of protection of the invention is not limited to the above embodiment, and all technical solutions under the concept of the invention fall within its scope of protection. It should be noted that, for those of ordinary skill in the art, improvements and modifications made without departing from the principle of the invention shall also be regarded as within the scope of protection of the invention.

Claims (7)

1. A binary software protection method based on dynamic code conversion, characterized in that the steps are:
S1: Extract the basic blocks of the code to be protected to obtain pieces;
S2: Process the pieces: divide all pieces into two parts, an upper half and a lower half; randomly choose some pieces in the upper half to be initially in the ciphertext state, and the remaining pieces of the corresponding lower half are then in the ciphertext state;
S3: Insert the decryption function: insert a jump to the decryption function at the end of every piece; the decryption function decrypts, at run time, the next piece that is about to be executed.
2. The binary software protection method based on dynamic code conversion according to claim 1, characterized in that in step S1, when the number of basic blocks is not even, it is made even by adding a randomly filled basic block.
3. The binary software protection method based on dynamic code conversion according to claim 2, characterized in that in step S1, the tail of each basic block is padded with random numbers so that all basic blocks have equal length.
4. The binary software protection method based on dynamic code conversion according to claim 1, 2 or 3, characterized in that in step S2, the ciphertext is obtained by XORing the corresponding pieces of the upper half and the lower half.
5. The binary software protection method based on dynamic code conversion according to claim 1, 2 or 3, characterized in that in step S3, the decryption function maintains the state of the running program, and each state is denoted by a sequence number.
6. The binary software protection method based on dynamic code conversion according to claim 5, characterized in that the sequence number of each state is assigned according to the following rule: the starting sequence number is 0; let i be the sequence number at the previous operation, j the current sequence number, and k the sequence number after this operation completes; if this operation has the same direction as the previous operation, then k = i; if this operation has the opposite direction to the previous operation, then k = i + 1.
7. The binary software protection method based on dynamic code conversion according to claim 5, characterized in that the decryption function maintains the direction of the last XOR and the last operation applied to the sequence number; according to the current state sequence number i, it computes state i or a particular state from the initial state, and then, according to that state, selects the operation needed to decrypt the next piece.
CN201611009332.1A 2016-11-16 2016-11-16 Binary software protection method based on dynamic code conversion Pending CN106599620A (en)


Legal Events

Date Code Title Description
PB01 Publication
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20170426