CN106599714A - Reduction method and device for Android terminal full-disk enciphered data - Google Patents
Reduction method and device for Android terminal full-disk enciphered data Download PDFInfo
- Publication number
- CN106599714A CN106599714A CN201611005341.3A CN201611005341A CN106599714A CN 106599714 A CN106599714 A CN 106599714A CN 201611005341 A CN201611005341 A CN 201611005341A CN 106599714 A CN106599714 A CN 106599714A
- Authority
- CN
- China
- Prior art keywords
- android
- decrypted
- subregion
- image file
- file
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
Abstract
The invention provides a reduction method and device for Android terminal full-disk enciphered data. The method comprises the following steps of: constructing an Android virtual machine program used for starting an Android kernel; starting the Android virtual machine program; initializing the Android kernel by the Android virtual machine program; loading an Android root file system mirror image file; operating a program in the Android root file system mirror image file; on the basis of a configuration script in the Android root file system mirror image file, loading a partitioning mirror image file to be decrypted; starting corresponding system basic service; on the basis of the system basic service, reading the partitioning mirror image file to be decrypted; on the basis of a user encryption secret key corresponding to the partitioning mirror image file to be decrypted, generating a middle secret key by the Android kernel; and on the basis of the middle secret key, decrypting the read partitioning mirror image file to be decrypted.
Description
Technical field
The present invention relates to data reduction technology field, more particularly to a kind of reduction of Android terminal full disk encryption data
Method and device.
Background technology
With the development of electronic evidence-collecting technology, Mobile Phone Forensics product form is also more and more diversified.Wherein chip for cell phone takes
Card product is quickly grown recently, is mainly its Jing and can often be solved other insurmountable problems of Mobile Phone Forensics product, for example, because
Being fallen, soaked, be burned out etc. causes the mobile phone of hardware damage, or the mobile phone that cannot be started up of system existing problems etc., at these
In the case of chip evidence obtaining be one of important feasible program.Simultaneously with the fast development of android system safe practice,
The terminals such as Android phone evidence obtaining problems faced is to be increasingly difficult to bypass the safety measure acquisition of android system
The data of Android phone, at this moment chip for cell phone evidence obtaining are also a feasible scheme.
Chip for cell phone evidence obtaining product typically extracts terminal, adaptor chip and corresponding extraction system group by chip mirror image
Into the data genaration image file extracted by which is finally collected evidence to the image file with Mobile Phone Forensics software again.
Yet with from the beginning of Android6.0, Google has Qiang Zhiyaoqiud that mobile phone carries out full disk encryption, from storage chip
The image file of reading is to encrypt, and Mobile Phone Forensics software cannot directly be collected evidence to this image file, and future chips evidence obtaining must
Increasing full disk encryption problem can so be faced.Android early stages AES can be broken by way of violence
Solution, the Chinese patent of such as 104598830 A of Publication No. CN disclose a kind of reduction that cracks for cracking mobile phone cipher file and are
System, including for the GUI processing units that logic shows are carried out to the file of interior of mobile phone;Check that the GUI processing units are called
Encryption file, the password cracking unit of process is decrypted to the encryption file;Check that the password cracking unit cracks text
The progress of part, the file to cracking while password cracking unit cracks file carry out the data updating unit of data renewal;
The display unit that data message to updating carries out the control unit of logical process and shown to data;Working condition
Under:Encrypted file logic sequence is carried out to file inside GUI processing unit calling mobile phones, password cracking unit is to above-mentioned
File carries out password cracking successively, and while decryption, the data updating unit is carried out not to the file data for cracking
It is disconnected to update, and data storage is carried out by control unit, data display is carried out by display unit.The method is by encryption text
Part carries out Brute Force one by one, realizes data convert.
But the Android AESs after repeatedly improving, it is difficult to be cracked by violence mode.Even if known
Full disk encryption password, it is also desirable to build a set of decryption process program, and spend the long period to carry out full disk encryption image file
Decryption, it is increasing especially as phone memory, the required cost time is decrypted to full disk encryption image file
It is longer.
The content of the invention
The technical problem to be solved is:A kind of method of reducing of Android terminal full disk encryption data is provided
And device, being capable of fast restore full disk encryption image file.
In order to solve above-mentioned technical problem, the technical solution used in the present invention is:
A kind of method of reducing of Android terminal full disk encryption data, including:
Build for starting the Android virtual machine programs of Android kernels;
Start Android virtual machine programs;
Android virtual machine programs initialize Android kernels;
Load the Android root file systems image file;
Run the program in the Android root file systems image file;
Subregion mirror image text to be decrypted is loaded according to the configuration script in the Android root file systems image file
Part;
Start corresponding system basic service;The subregion mirror image text to be decrypted is read according to the system basic service
Part;
Android kernels produce secret in the middle of one according to the corresponding user encryption key of the subregion image file to be decrypted
Key;
It is decrypted according to the subregion image file to be decrypted that the middle secret key pair reads.
The present invention provide another technical scheme be:
A kind of reduction apparatus of Android terminal full disk encryption data, including:Android virtual machine programs, Android
Kernel, Android root file systems image file and subregion image file to be decrypted;
The Android virtual machine programs are used to initialize Android kernels;
The Android kernels are used to load the Android root file systems image file;Run the Android
Program in root file system image file;Load according to the configuration script in the Android root file systems image file
Subregion image file to be decrypted;Start corresponding system basic service;According to the system basic service read described in wait to solve
Close subregion image file;Produce according to the corresponding user encryption key of the subregion image file to be decrypted secret in the middle of one
Key;It is decrypted according to the subregion image file to be decrypted that the middle secret key pair reads.
The beneficial effects of the present invention is:Using emulation technology, needed with read-only mode loading by Android virtual machines
The overall image file of decryption, i.e., above-mentioned subregion image file to be decrypted;Afterwards just can be directly to being loaded image file
Collected evidence.Existing Android keys encryption and decryption is utilized during Android virtual machines load overall image file simultaneously
The dm-crypt modules of algorithm frame and Android kernels, realize quick loading, because this method is not simultaneously needed to overall mirror
Its file system can just be accessed after being decrypted as file completely, the mode of existing Brute Force full disk encryption data is compared,
Have the advantages that simple to operate, decryption efficiency is high, using the solution of the present invention to full disk encryption data convert, should with high
Use prospect.
Description of the drawings
Flow charts of the Fig. 1 for the method for reducing of the Android terminal full disk encryption data of the embodiment of the present invention;
Structural representations of the Fig. 2 for the reduction apparatus of the Android terminal full disk encryption data of the embodiment of the present invention.
Label declaration:
1st, Android virtual machine programs;2nd, Android kernels;3rd, Android root file systems image file;4th, wait to solve
Close subregion image file.
Specific embodiment
By describing the technology contents of the present invention in detail, realizing purpose and effect, below in conjunction with embodiment and coordinate attached
Figure is explained.
The design of most critical of the present invention is:Subregion image file to be decrypted is loaded using Android virtual machines;
In Android, the subregion image file to be decrypted of verification loading is decrypted.
Fig. 1 is refer to, the present invention is provided:
A kind of method of reducing of Android terminal full disk encryption data, including:
Build for starting the Android virtual machine programs of Android kernels;
Start Android virtual machine programs;
Android virtual machine programs initialize Android kernels;
Load the Android root file systems image file;
Run the program in the Android root file systems image file;
Subregion mirror image text to be decrypted is loaded according to the configuration script in the Android root file systems image file
Part;
Start corresponding system basic service;The subregion mirror image text to be decrypted is read according to the system basic service
Part;
Android kernels produce secret in the middle of one according to the corresponding user encryption key of the subregion image file to be decrypted
Key;
It is decrypted according to the subregion image file to be decrypted that the middle secret key pair reads.
Knowable to foregoing description, the beneficial effect of the method for reducing of the Android terminal full disk encryption data of the present invention exists
In, subregion image file to be decrypted is read using emulation technology, and using the subregion image file of loading is checked in Android
It is decrypted.Specially where initial service in above-mentioned Android root file systems image file is substantially native services,
A little services can be customized according to script, wherein being adbd services with the maximally related service of the present invention, service energy by adbd
External program is enough provided and accesses all partition datas in Android virtual machines.
Further, the configuration script in the Android root file systems image file includes the first parameter and second
Parameter, first parameter are used to represent the subregion for needing loading;Second parameter is used for the subregion for representing encryption.
Knowable to foregoing description, the init.goldfish.rc scripts in Android root file system image files are included "
Mount_all/fstab.goldfish " is ordered, and it specifies Android virtual machines need which subregion loaded;
Comprising loading different parameters in each loading command in fstab.goldfish, wherein "-encryptable " is this point of instruction
Area is the mark of encryption, if "-encryptable=footer " shows encrypted partition, metamessage is stored in encrypted partition
Head, otherwise needs to indicate which special subregion encrypted partition metamessage is stored in by "-encryptable ".Android roots
Script in file system mirror file is not limited only to init.goldfish.rc scripts, also including init.rc,
The scripts such as init.goldfish.rc.
Further, start corresponding system basic service;Read according to the system basic service described to be decrypted
Subregion image file, specially:
If the corresponding configuration script of subregion to be decrypted includes second parameter, start corresponding system basic service
Read subregion metamessage to be decrypted.
Knowable to foregoing description, as the diverse location of subregion is stored with different information, and restoring data is to be read
It is subregion metamessage, by the position that subregion metamessage is learnt from the second parameter, and then reads subregion metamessage.
Further, Android kernels are produced according to the corresponding user encryption key of the subregion image file to be decrypted
A raw middle key, is decrypted according to the subregion image file to be decrypted that the middle secret key pair reads, further wraps
Include:
Android kernels call corresponding solution according to the subregion metamessage to be decrypted and user encryption key that read
Close algorithm produces a middle key;
The corresponding device file of the subregion to be decrypted is created using the middle key.
Knowable to foregoing description, the dm-crypt modules of Android kernels, according to user encryption key, are called a series of
Decipherment algorithm operation produces a middle key, then creates encryption by "/dev/device-mapper " by this middle key
Subregion corresponding device file "/dev/block/dm-xxx ", the then data for reading from this device file have been ciphertext data;Its
Middle decipherment algorithm quotes Android standard decipherment algorithm frameworks, and the framework can be modified if necessary as needed.
Further, the subregion image file to be decrypted is used for memory system data.
Knowable to foregoing description, the subregion image file to be decrypted of the present invention is the user data of corresponding A ndroid system
Subregion (userdata subregions), for storage system data.
Fig. 2 is refer to, another technical scheme of the present invention is:
A kind of reduction apparatus of Android terminal full disk encryption data, including:Android virtual machine programs 1, Android
Kernel 2, Android root file systems image file 3 and subregion image file 4 to be decrypted;
The Android virtual machine programs 1 are used to initialize Android kernels 2;
The Android kernels 2 are used to load the Android root file systems image file 3;Operation is described
Program in Android root file systems image file 3;According to the configuration in the Android root file systems image file 3
Script loads subregion image file 4 to be decrypted;Start corresponding system basic service;Read according to the system basic service
The subregion image file 4 to be decrypted;Produce according to the 4 corresponding user encryption key of subregion image file to be decrypted
One middle key;It is decrypted according to the subregion image file 4 to be decrypted that the middle secret key pair reads.
Further, the configuration script in the Android root file systems image file 3 includes the first parameter and second
Parameter, first parameter are used to represent the subregion for needing loading;Second parameter is used for the subregion for representing encryption.
Further, start corresponding system basic service;Read according to the system basic service described to be decrypted
Subregion image file, specially:
If the corresponding configuration script of subregion to be decrypted includes second parameter, start corresponding system basic service
Read subregion metamessage to be decrypted.
Further, Android kernels 2 are according to the 4 corresponding user encryption key of subregion image file to be decrypted
A middle key is produced, is decrypted according to the subregion image file 4 to be decrypted that the middle secret key pair reads, further
Including:
Android kernels 2 call corresponding solution according to the subregion metamessage to be decrypted and user encryption key that read
Close algorithm produces a middle key;
The corresponding device file of the subregion to be decrypted is created using the middle key.
Further, the subregion image file 4 to be decrypted is used for memory system data.
Embodiments of the invention one are:
A kind of reduction apparatus of Android terminal full disk encryption data, including:Android virtual machine programs, Android
Kernel, Android root file systems image file and subregion image file to be decrypted;
Android virtual machine programs are host-initiated Android virtual machine entrances, there is provided abundant parameter is controlling
Android virtual machines start and run, as the present embodiment is primarily directed to subregion to be decrypted, so passing through series of parameters
Optimization virtual machine starts, such as:"-no-boot-anim ", "-no-audio ", "-no-skin " and "-no-window ";Wherein "-
No-window " will make Android virtual machines not start the related service of android system application layer and program, to accelerate the invention
Scheme decrypts subregion loading procedure;It is also virtual for Android by parametric form that the present embodiment is related to other image files
Machine specifies concrete file, specifically relates generally to following parameter:"-kernel " specifies Android kernel mirror image files, "-
Ramdisk " specifies Android root file system image files, and "-data " specifies overall image file to be decrypted, i.e., above-mentioned
Subregion image file to be decrypted;
Android system kernel mirror image file is the kernel program of Android virtual machines, it be connecting virtual machine with
The most key part of Android application layers, in order that Android applications can be run as operating in mobile phone, except offer
Outside basic core content function, also some specific virtual units are provided for Android virtual machines, it is individual that these particularitys have its kernel
Especially claim name " goldfish ";" dm-crypt " module that kernel program is included is the key modules of the present embodiment, is come by it
Concrete to perform partition data decryption oprerations, its decryption pre action is creating the block device decrypted according to key by kernel
File;
Android root file system image files are a parts in boot subregion image files in android system, it by
Kernel includes most important initialization journey being responsible for loading its memory file system for arriving root-"/", in this root file system
Sequence-init and various configuration script files, they are responsible for the startup of system initialization and various services, wherein with the present embodiment most
It is which subregion and its loading method loaded comprising specified for these scripts for correlation;
Image file to be decrypted, also makes overall image file to be decrypted, the image file refer in this area
The userdata subregions of android system, for preserving user data, partitioned file system type is presently mainly ext4;
Android virtual machine programs, Android kernels, Android root file systems image file and subregion to be decrypted
Image file work is as follows:
The Android virtual machine programs are used to initialize Android kernels;
The Android kernels are used to load the Android root file systems image file;Run the Android
Program in root file system image file;Load according to the configuration script in the Android root file systems image file
Subregion image file to be decrypted;Configuration script in the Android root file systems image file include the first parameter and
Second parameter, first parameter are used to represent the subregion that Android virtual machines need loading;Second parameter is used to represent
The subregion of encryption;
If the corresponding configuration script of subregion to be decrypted includes second parameter, start corresponding system basic service
Read subregion metamessage to be decrypted;Android kernels are secret according to the subregion metamessage to be decrypted and user encryption for reading
Key, calls corresponding decipherment algorithm to produce a middle key;
The corresponding device file of the subregion to be decrypted is created using the middle key.
Embodiments of the invention two are:
It is a kind of to go back the corresponding method of original system with the Android terminal full disk encryption data of above-described embodiment one, including:
Build for starting the Android virtual machine programs of Android kernels;
Start Android virtual machine programs;The relevant parameter optimization Android for arranging Android virtual machine programs is virtual
Machine please and specify concrete file for Android virtual machines, such as:"-no-boot-anim"、"-no-audio"、"-no-
Skin " and "-no-window ";Wherein "-no-window " will make Android virtual machines not start android system application layer
Related service and program, to accelerate the scheme of the invention to decrypt subregion loading procedure;"-kernel " specifies Android kernel mirror images
File, "-ramdisk " specify Android root file system image files, "-data " to specify overall image file to be decrypted;
Android virtual machine programs initialize Android kernels;Specifically, Android virtual machine programs according to
Android kernel mirror image files, start Android kernels to initialize each virtual unit and carry out for user space program operation
Prepare;
Load the Android root file systems image file;
Run the program in the Android root file systems image file;Specifically, Android kernels are initially completed
Afterwards, Android root file system image files are loaded, and therefrom find first initialization program-init of user's space,
User's space is switched to from kernel spacing and init programs are run;
Subregion mirror image text to be decrypted is loaded according to the configuration script in the Android root file systems image file
Part;Configuration script in the Android root file systems image file includes the first parameter and the second parameter, first ginseng
Number needs the subregion of loading for representing;Second parameter is used for the subregion for representing encryption;Specifically, exist
Init.goldfish.rc scripts sheet is ordered comprising " mount_all/fstab.goldfish ", and fstab.goldfish files are
It is included in Android root file system mirror images, it specifies Android virtual systems need which subregion loaded;
Comprising loading different parameters in each loading command in fstab.goldfish, wherein "-encryptable " indicates the subregion
For encryption mark, if "-encryptable=footer " shows that encrypted partition metamessage is stored in the head of encrypted partition
Portion, otherwise needs to indicate which special subregion encrypted partition metamessage is stored in by "-encryptable ";
If the corresponding configuration script of subregion to be decrypted includes second parameter, start corresponding system-based clothes
Business, reads subregion metamessage to be decrypted according to the system basic service;Such as:In subregion loading procedure to be decrypted if
It is found and identifies comprising "-encryptable ", then starts related service and read subregion metamessage to be decrypted;
Android kernels call corresponding solution according to the subregion metamessage to be decrypted and user encryption key that read
Close algorithm produces a middle key;The corresponding device file of the subregion to be decrypted is created using the middle key;Such as:Root
According to the encrypted partition metamessage and user encryption key (default key is used if not) that read, a series of decryption are called to calculate
Method operation (quoting Android standard decipherment algorithm frameworks, make an amendment as needed if necessary) one intermediate key of generation, then by
This intermediate key creates encrypted partition corresponding device file "/dev/block/dm- by "/dev/device-mapper "
Xxx ", the data read from this device file have been ciphertext data;External program may have access to by adb programs and decrypt
Userdata subregions;
Continue Android virtual machine Booting sequences, it is possible to achieve the data convert to other subregions.
In sum, the method for reducing and system of the Android terminal full disk encryption data that the present invention is provided, makes
Android virtual machines can load overall image file to be decrypted with read-only mode, afterwards just can be directly complete to being loaded
Disk mirroring is collected evidence.Android virtual machines utilize Android key enciphering and deciphering algorithms in being carried in overall mirrored procedure simultaneously
Framework and Android kernel dm-crypt modules so that loading procedure is quick, because this method is not simultaneously needed to overall mirror image
File can just access its file system after decrypting completely;For further, also dependent on special handset decryption flow process modification
Android virtual machines are decrypted flow process quickly to increase its supporting rate.
Embodiments of the invention are the foregoing is only, the scope of the claims of the present invention is not thereby limited, it is every using this
The equivalents made by bright description and accompanying drawing content, or the technical field of correlation is directly or indirectly used in, include in the same manner
In the scope of patent protection of the present invention.
Claims (10)
1. a kind of method of reducing of Android terminal full disk encryption data, it is characterised in that include:
Build for starting the Android virtual machine programs of Android kernels;
Start Android virtual machine programs;
Android virtual machine programs initialize Android kernels;
Load the Android root file systems image file;
Run the program in the Android root file systems image file;
Subregion image file to be decrypted is loaded according to the configuration script in the Android root file systems image file;
Start corresponding system basic service;The subregion image file to be decrypted is read according to the system basic service;
Android kernels produce a middle key according to the corresponding user encryption key of the subregion image file to be decrypted;
It is decrypted according to the subregion image file to be decrypted that the middle secret key pair reads.
2. the method for reducing of Android terminal full disk encryption data according to claim 1, it is characterised in that described
Configuration script in Android root file system image files includes the first parameter and the second parameter, and first parameter is used for
Representing needs the subregion of loading;Second parameter is used for the subregion for representing encryption.
3. the method for reducing of Android terminal full disk encryption data according to claim 2, it is characterised in that according to institute
State after configuration script in Android root file system image files loads subregion image file to be decrypted, start correspondence
System basic service before, further include:
If the corresponding configuration script of subregion to be decrypted includes second parameter, start corresponding system basic service and read
Subregion metamessage to be decrypted.
4. the method for reducing of Android terminal full disk encryption data according to claim 3, it is characterised in that Android
Kernel produces a middle key according to the corresponding user encryption key of the subregion image file to be decrypted, according to the centre
The subregion image file to be decrypted that secret key pair reads is decrypted, and further includes:
Android kernels call corresponding decryption to calculate according to the subregion metamessage to be decrypted and user encryption key for reading
Method produces a middle key;
The corresponding device file of the subregion to be decrypted is created using the middle key.
5. the method for reducing of Android terminal full disk encryption data according to claim 1, it is characterised in that described to treat
The subregion image file of decryption is used for memory system data.
6. a kind of reduction apparatus of Android terminal full disk encryption data, it is characterised in that include:Android virtual machine journeys
Sequence, Android kernels, Android root file systems image file and subregion image file to be decrypted;
The Android virtual machine programs are used to initialize Android kernels;
The Android kernels are used to load the Android root file systems image file;Run the Android roots text
Program in part system image file;Load according to the configuration script in the Android root file systems image file and wait to solve
Close subregion image file;Start corresponding system basic service;Read according to the system basic service described to be decrypted
Subregion image file;A middle key is produced according to the corresponding user encryption key of the subregion image file to be decrypted;According to
It is decrypted according to the subregion image file to be decrypted that the middle secret key pair reads.
7. reduction apparatus of Android terminal full disk encryption data according to claim 6, it is characterised in that described
Configuration script in Android root file system image files includes the first parameter and the second parameter, and first parameter is used for
Representing needs the subregion of loading;Second parameter is used for the subregion for representing encryption.
8. reduction apparatus of Android terminal full disk encryption data according to claim 7, it is characterised in that according to institute
State after configuration script in Android root file system image files loads subregion image file to be decrypted, start correspondence
System basic service before, the Android kernels are additionally operable to:
If the corresponding configuration script of subregion to be decrypted includes second parameter, start corresponding system basic service and read
Subregion metamessage to be decrypted.
9. reduction apparatus of Android terminal full disk encryption data according to claim 8, it is characterised in that Android
Kernel produces a middle key according to the corresponding user encryption key of the subregion image file to be decrypted, according to the centre
The subregion image file to be decrypted that secret key pair reads is decrypted, and further includes:
Android kernels call corresponding decryption to calculate according to the subregion metamessage to be decrypted and user encryption key for reading
Method produces a middle key;
The corresponding device file of the subregion to be decrypted is created using the middle key.
10. reduction apparatus of Android terminal full disk encryption data according to claim 6, it is characterised in that described to treat
The subregion image file of decryption is used for memory system data.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611005341.3A CN106599714B (en) | 2016-11-15 | 2016-11-15 | The restoring method and device of Android terminal full disk encryption data |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201611005341.3A CN106599714B (en) | 2016-11-15 | 2016-11-15 | The restoring method and device of Android terminal full disk encryption data |
Publications (2)
Publication Number | Publication Date |
---|---|
CN106599714A true CN106599714A (en) | 2017-04-26 |
CN106599714B CN106599714B (en) | 2019-05-24 |
Family
ID=58591046
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201611005341.3A Active CN106599714B (en) | 2016-11-15 | 2016-11-15 | The restoring method and device of Android terminal full disk encryption data |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN106599714B (en) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108052328A (en) * | 2017-11-09 | 2018-05-18 | 华中科技大学 | A kind of construction method of Android system and its application |
CN108287733A (en) * | 2017-12-19 | 2018-07-17 | 广东睿江云计算股份有限公司 | A kind of virtual machine load startup method |
CN109614203A (en) * | 2018-12-08 | 2019-04-12 | 公安部第三研究所 | A kind of Android application cloud data evidence-taking and analysis system and method based on application data simulation |
CN111159726A (en) * | 2019-12-10 | 2020-05-15 | 中国电子科技网络信息安全有限公司 | Full disk encryption and decryption method and system based on UEFI (unified extensible firmware interface) environment variable |
CN111177773A (en) * | 2019-12-10 | 2020-05-19 | 中国电子科技网络信息安全有限公司 | Full disk encryption and decryption method and system based on network card ROM |
Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN104461695A (en) * | 2014-12-24 | 2015-03-25 | 四川效率源信息安全技术有限责任公司 | Method and device for displaying data through simulation |
CN105005514A (en) * | 2015-07-02 | 2015-10-28 | 四川效率源信息安全技术有限责任公司 | Data forensic method of device based on Android system |
CN105302473A (en) * | 2014-06-23 | 2016-02-03 | 四川效率源信息安全技术有限责任公司 | System and method for carrying out physical mirroring extraction on phone body data of Android mobile phone |
-
2016
- 2016-11-15 CN CN201611005341.3A patent/CN106599714B/en active Active
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN105302473A (en) * | 2014-06-23 | 2016-02-03 | 四川效率源信息安全技术有限责任公司 | System and method for carrying out physical mirroring extraction on phone body data of Android mobile phone |
CN104461695A (en) * | 2014-12-24 | 2015-03-25 | 四川效率源信息安全技术有限责任公司 | Method and device for displaying data through simulation |
CN105005514A (en) * | 2015-07-02 | 2015-10-28 | 四川效率源信息安全技术有限责任公司 | Data forensic method of device based on Android system |
Non-Patent Citations (1)
Title |
---|
阿拉神农: "深入理解Android之设备加密Device Encryption", 《HTTPS://BLOG.CSDN.NET/INNOST/ARTICLE/DETAILS/44519775》 * |
Cited By (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108052328A (en) * | 2017-11-09 | 2018-05-18 | 华中科技大学 | A kind of construction method of Android system and its application |
CN108287733A (en) * | 2017-12-19 | 2018-07-17 | 广东睿江云计算股份有限公司 | A kind of virtual machine load startup method |
CN109614203A (en) * | 2018-12-08 | 2019-04-12 | 公安部第三研究所 | A kind of Android application cloud data evidence-taking and analysis system and method based on application data simulation |
CN109614203B (en) * | 2018-12-08 | 2023-10-27 | 公安部第三研究所 | Android application cloud data evidence obtaining and analyzing system and method based on application data simulation |
CN111159726A (en) * | 2019-12-10 | 2020-05-15 | 中国电子科技网络信息安全有限公司 | Full disk encryption and decryption method and system based on UEFI (unified extensible firmware interface) environment variable |
CN111177773A (en) * | 2019-12-10 | 2020-05-19 | 中国电子科技网络信息安全有限公司 | Full disk encryption and decryption method and system based on network card ROM |
Also Published As
Publication number | Publication date |
---|---|
CN106599714B (en) | 2019-05-24 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN106599714B (en) | The restoring method and device of Android terminal full disk encryption data | |
CN105391840B (en) | Automatically create destination application | |
CN110637301B (en) | Reducing disclosure of sensitive data in virtual machines | |
CN107659632A (en) | A kind of file encryption-decryption method, device and computer-readable recording medium | |
CN110023941A (en) | A kind of system on chip and method for realizing secure operating system switching | |
CN110086609A (en) | The method and electronic equipment of data safety backup and security recovery | |
CN106105089B (en) | The dynamic encryption key that close XTS encryption system is used together is compiled with reduction bout is used | |
CN109460670A (en) | Configuration item decryption method, device, computer equipment and storage medium | |
CN106027261B (en) | FPGA-based L UKS authentication chip circuit and password recovery method thereof | |
CN107196907A (en) | A kind of guard method of Android SO files and device | |
CN109460639A (en) | A kind of license authentication control method, device, terminal and storage medium | |
CN111404682B (en) | Android environment key segmentation processing method and device | |
CN107026728A (en) | Dynamic pretrigger stores encryption key | |
CN101114256B (en) | Real-time data security method | |
CN111191195A (en) | Method and device for protecting APK | |
CN107111728A (en) | Safe key export function | |
CN108460875A (en) | A kind of entrance guard authentication method and device based on dynamic two-dimension code | |
CN101504622B (en) | Method and device for information interaction between threads | |
CN107688756B (en) | Hard disk control method, equipment and readable storage medium storing program for executing | |
CN110263532A (en) | Trusted computing method, equipment and system | |
CN101436162A (en) | Method and system for implementing memory multiuser management | |
CN110109717A (en) | A kind of loading control method, device and the computer equipment of Android plug-in unit | |
KR101783281B1 (en) | Electronic terminal device for safe storage of identification data and operating method thereof | |
CN108521419A (en) | Access processing method, device and the computer equipment of observation system file | |
EP3913509A1 (en) | Method to secure computer code |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||
GR01 | Patent grant |