CN108229106A - A kind of dynamic base encryption and decryption and dynamic loading method based on interaction protocol - Google Patents

A kind of dynamic base encryption and decryption and dynamic loading method based on interaction protocol Download PDF

Info

Publication number
CN108229106A
CN108229106A CN201711432360.9A CN201711432360A CN108229106A CN 108229106 A CN108229106 A CN 108229106A CN 201711432360 A CN201711432360 A CN 201711432360A CN 108229106 A CN108229106 A CN 108229106A
Authority
CN
China
Prior art keywords
dynamic
code
decryption
dynamic base
function
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201711432360.9A
Other languages
Chinese (zh)
Inventor
王兴军
刘斌
梁志坚
孙鹏展
李金库
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Unitend Technologies Inc
Original Assignee
Shenzhen Unitend Technologies Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Unitend Technologies Inc filed Critical Shenzhen Unitend Technologies Inc
Priority to CN201711432360.9A priority Critical patent/CN108229106A/en
Publication of CN108229106A publication Critical patent/CN108229106A/en
Pending legal-status Critical Current

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3236Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions
    • H04L9/3239Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials using cryptographic hash functions involving non-keyed hash functions, e.g. modification detection codes [MDCs], MD5, SHA or RIPEMD
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/60Digital content management, e.g. content distribution
    • H04L2209/603Digital right managament [DRM]
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/72Signcrypting, i.e. digital signing and encrypting simultaneously

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Multimedia (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a kind of dynamic base encryption and decryption and dynamic loading method based on interaction protocol.The present invention implements to be used in digital media content protection DRM technology system; the safe designs such as protection is encrypted in software code, interface is hidden are performed to terminal security; the present invention can be effectively prevented under open environment carries out security algorithm attack to drm agent using the illegal means of static code conversed analysis, ensures the reliability of drm agent safety.

Description

A kind of dynamic base encryption and decryption and dynamic loading method based on interaction protocol
Technical field
The present invention relates to digital media rights managing drm field, specifically a kind of dynamic base based on interaction protocol adds solution Close and dynamic loading method.
Background technology
Digital media content protects DRM technology, is to be widely used in the multimedia digital contents such as audio and video, document copyright guarantor The mainstream technology of shield, is widely used in.In DRM application system systems, drm agent undertakes certification, mandate, content decryption pass One button security function.Drm agent is typically that middleware includes dynamic, the collection of functions form of static library, is needed and various audio and video The application terminals such as DST PLAYER, document reader integrate, the operating system platforms such as operation Windows, Android, IOS.
In the application of practical DRM technology, one side drm agent software performs security algorithm, has high security requirement; Another aspect drm agent software executable code, which is in, to be exposed to the open air under open environment, is easy to by software conversed analysis Attack so as to thoroughly destroy DRM technology foundation for security.Therefore, it is weight in DRM technology safely to solve drm agent software code It challenges.
The reverse-engineering of software code all have developed rapidly from theory and practice at present, in theory application program slice, mould The analysis methods such as type checking, data-flow analysis carry out conversed analysis generally directed to code disassembling code is performed, in practice, C, the programming languages such as C++, Java can do conversed analysis, while have also appeared many reverse engineering softwares.In conversed analysis On the basis of, means are distorted etc. by code and change software execution route and logic, the safety to crack.
In order to prevent to drm agent static code conversed analysis, therefore propose one kind by core security software generation Code encryption and interface Hiding Mechanism improve the safety of drm agent.
Invention content
The purpose of the present invention is to provide a kind of dynamic base encryption and decryption and dynamic loading method based on interaction protocol, with solution Certainly the problems mentioned above in the background art.
To achieve the above object, the present invention provides following technical solution:
A kind of dynamic base encryption and decryption and dynamic loading method based on interaction protocol, comprise the steps of:
S1, drm agent decompose code loading device and core code library;
S2, core code library file dynamic base external function interface is hidden, calculates digital signature and encrypted content file;
S3, package file head is added to encrypted core code library file;
S4, the code loading device of plaintext is only needed to be integrated with function library and third-party application;
S5, code loading device and DRM system establish information needed of the encryption session channel acquisition to file decryption;
S6, will core code library read in memory in decrypt and check digit signature;
S7, by memory decrypt after core code library dynamic base mapping process virtual linear space;
S8, the entrance function address that core code library is obtained from the dynamic base of mapping, are realized to core code bank interface function It calls.
As further embodiment of the present invention:The method that the function interface is hidden is specifically:By dynamic chain in dynamic base It connects function link symbol and function address in function table to remove, interface function address is written according to preset hiding strategy to default one A code segment space;Generally by the use of special function code section space as interface function address hiding space;The rule that interface is hidden Then obtained in real time from DRM system end when code loading device starts.
As further scheme of the invention:Gateway and HNR servers can establish network communication tunnel, after tunnel building All network up and down data of gateway all have to pass through HNR servers, HNR servers by gateway it is all or most of under Row data all walk digital TV network by IPQAM modulators and are sent to gateway.
As further scheme of the invention:The code loading device when decrypting core code library must by with Secured session is in real time by obtaining decryption key information between DRM system end.
As further scheme of the invention:To the decryption of core code library and signature verification in memory, solve in memory Dynamic base is mapped directly to process linear space after close, ensure that the core code that plaintext will not be preserved in terminal document system Library prevents code static state conversed analysis.
Compared with prior art, the beneficial effects of the invention are as follows:The present invention, which utilizes, will have safety requirements in drm agent Algorithm, logic and flow are included into core code library, it is encrypted, be distributed to again after digital signature it is various types of under open environment Type application terminal;Code loading device is built upon to core code library decruption key and establishes secured session channel base with DRM system It is obtained on plinth by interacting message mode from DRM system end;Decryption is completed, and with digital signature verification from memory in memory Directly mapping loads core code dynamic base.Distribution of these technical methods from drm agent core security function module, terminal File storage, file decryption, dynamic base load process and decruption key real-time, interactive securing mechanism end to end, have ensured not It can be intercepted and captured by third party with clear-text way, implement anti-converge to drm agent core security function so as to be effectively prevented third party Modes static code conversed analysis and the code injections such as volume, ensure that operational safety of the drm agent under open environment.This hair Processing method in bright for dynamic base is applicable in Windows PE forms, Linux and Android ELF formats and other platforms Dynamic library file call format.
Description of the drawings
Fig. 1 is dynamic base encryption and decryption and dynamic loading method flow provided in an embodiment of the present invention based on interaction protocol Figure.
Fig. 2 is dynamic base function interface hidden method flow chart provided in an embodiment of the present invention.
Specific embodiment
Below in conjunction with the attached drawing in the embodiment of the present invention, the technical solution in the embodiment of the present invention is carried out clear, complete Site preparation describes, it is clear that described embodiment is only part of the embodiment of the present invention, instead of all the embodiments.It is based on Embodiment in the present invention, those of ordinary skill in the art are obtained every other without making creative work Embodiment shall fall within the protection scope of the present invention.
Please refer to Fig.1 ~ 2, in the embodiment of the present invention, a kind of dynamic base encryption and decryption and dynamic load side based on interaction protocol Method, this method are applied to the application that terminal operating system is windows platform, for example video player integrates drm agent reality The management and control of existing digital media rights protection.Refering to what is shown in Fig. 1, this method generally comprises step S1 to S6:
In step S1, drm agent be divided into code loading device and two, core code library mould as the integration middleware of player Block.Under windows platform, code loading device is compiled into static library or dynamic base and does binding with player code;Core code Library is compiled into dynamic base, and the dynamic base after compiling is the dynamic link libraries of PE forms.
In step S2, a group key is pre-set in the drm system, is passed through when needing and core code library version is encrypted File encryption tool chooses a key from DRM system.Generally preferably core is calculated using MD5 digital digest algorithms first Code library file digital signature string recycles selection key application symmetric encipherment algorithm AES that file is encrypted.
The above content is a further detailed description of the present invention in conjunction with specific preferred embodiments, it is impossible to assert The specific implementation of the present invention is confined to these explanations.For those skilled in the art to which the present invention belongs, it is not taking off Under the premise of from present inventive concept, several equivalent substitute or obvious modifications can also be made, and performance or use is identical, all should When being considered as belonging to protection scope of the present invention.
Package file head is added in step S3, for encrypted core code library file, top of file includes version number, adds Close key identification ID, interface hiding strategy, file size information, digital signature information and other information is for library text Part decrypts information needed.
In step S4, code loading device and player do software binding and integrate, player allows to call code loading device public The function interface opened, for starting module or other funcalls.Encrypted core code library file is beaten with player Packet or individual files downloading mode are stored in the local file system of terminal device.
Start code loading device simultaneously in step S5, in player start-up course, code loading device is to DRM system
CHAP messaging protocols are initiated, two-way encrypted session channel is set up by exchanging key.Code loading device is from specified text The encapsulation header of core code library file under part path initiates key query messages in session channel, obtains key identification The corresponding keys of ID, while interface hiding strategy information is obtained according to version number.
In step S6, code loading device encrypted core code library file is read in memory, find encryption part Memory start offset does decryption oprerations according to encrypted data length using the key of acquisition to core code file, interior after decryption Hold and calculate MD5 digital digests and sign consistency with digital digest contrast verification in file header, if it is inconsistent, being considered as illegal File and abandon subsequent step.
In step S6, code loading device decryption verification is signed after internal storage data, practical corresponding dynamic library file loading process The line of each section of Section according to the PE format protocols of dynamic link library (DLL) under Windows, is readjusted in virtual linear space Property address, the specific method of the step are as follows:
First according to PE forms calculate need in process continuously and virtually linear space application space size, and be set as it is read-write can Execution pattern;Dynamic base each section after being decrypted in memory is copied to corresponding virtual memory space;Recalculate reorientation Address;Then function can be called behind export entrance function address, that is, completes dll file and be loaded directly into process from memory.
As shown in Fig. 2, another embodiment of the present invention provides a kind of method that dynamic base function interface is hidden, For drm agent core code library to be removed external function interface symbolic information in the dynamic symbol chained list of dynamic base, And function address is hidden in code segment or data segment using hidden algorithm.Refering to what is shown in Fig. 2, this method generally comprises step H1 to H4:
It is obtained in step H1, in the dynamic symbol chained list for the core code dynamic library file for parsing Windows PE forms all External interface function address.
In step H2, using the code segment that one section of space is reserved in core code dynamic base, specific method is definition one A to include continuous number non-operation instruction NOP functions, the code segment space occupied by the use of the function is deposited as interface function address The space put, the function address are the initial positions in this section of space.Preset one group of hiding strategy in the drm system, different core Heart code library version selects a hiding strategy.Hiding strategy is defined as interface function address and successively puts in order coding.
In step H3, after the completion of interface function address hiding, the root of an agreement is retained in dynamic symbol chained list Outside interface function address, remaining interface function address contents is removed.
In step H4, after core code library DLL is mapped to memory headroom by code loading device, using in Document encapsulation head Version number obtains interface hiding strategy information from DRM system.The root interface function in core code library according to interface hiding strategy also Original goes out other all correct corresponding interface function addresses, returns to code loading device interface function address list and is total to code loading Device funcall.

Claims (5)

1. a kind of dynamic base encryption and decryption and dynamic loading method based on interaction protocol, which is characterized in that comprise the steps of:
S1, drm agent decompose code loading device and core code library;
S2, core code library file dynamic base external function interface is hidden, calculates digital signature and encrypted content file;
S3, package file head is added to encrypted core code library file;
S4, the code loading device of plaintext is only needed to be integrated with function library and third-party application;
S5, code loading device and DRM system establish information needed of the encryption session channel acquisition to file decryption;
S6, will core code library read in memory in decrypt and check digit signature;
S7, by memory decrypt after core code library dynamic base mapping process virtual linear space;
S8, the entrance function address that core code library is obtained from the dynamic base of mapping, are realized to core code bank interface function It calls.
2. dynamic base encryption and decryption and dynamic loading method according to claim 1 based on interaction protocol, which is characterized in that The method that the function interface is hidden is specifically:By function link symbol and function address in dynamic link function table in dynamic base It removes, interface function address is written according to preset hiding strategy to a default code segment space;Generally utilize special function generation Code section space is as interface function address hiding space;The rule that interface is hidden is when code loading device starts in real time from DRM systems System end obtains.
3. dynamic base encryption and decryption and dynamic loading method according to claim 1 based on interaction protocol, which is characterized in that Believed by calculating digital digest and encryption by adding the key needed for the description decryption of package file head in the core code library Breath, version information.
4. dynamic base encryption and decryption and dynamic loading method according to claim 1 based on interaction protocol, which is characterized in that The code loading device must be solved by obtaining in real time when decrypting core code library by secured session between DRM system end Key information.
5. dynamic base encryption and decryption and dynamic loading method according to claim 4 based on interaction protocol, which is characterized in that To the decryption of core code library and signature verification in memory, dynamic base is mapped directly to process linear space after decrypting in memory, Ensure that will not preserve the core code library of plaintext in terminal document system, prevent code static state conversed analysis.
CN201711432360.9A 2017-12-26 2017-12-26 A kind of dynamic base encryption and decryption and dynamic loading method based on interaction protocol Pending CN108229106A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201711432360.9A CN108229106A (en) 2017-12-26 2017-12-26 A kind of dynamic base encryption and decryption and dynamic loading method based on interaction protocol

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201711432360.9A CN108229106A (en) 2017-12-26 2017-12-26 A kind of dynamic base encryption and decryption and dynamic loading method based on interaction protocol

Publications (1)

Publication Number Publication Date
CN108229106A true CN108229106A (en) 2018-06-29

Family

ID=62648917

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201711432360.9A Pending CN108229106A (en) 2017-12-26 2017-12-26 A kind of dynamic base encryption and decryption and dynamic loading method based on interaction protocol

Country Status (1)

Country Link
CN (1) CN108229106A (en)

Cited By (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108985096A (en) * 2018-07-13 2018-12-11 厦门市美亚柏科信息股份有限公司 A kind of enhancing of Android SQLite database security, method for safely carrying out and device
CN109359451A (en) * 2018-11-12 2019-02-19 兴科迪科技(泰州)有限公司 A kind of architecture based on security control box container, method and system
CN109446751A (en) * 2018-09-30 2019-03-08 深圳市迷你玩科技有限公司 Generate the method, apparatus and storage medium of the data set including multiple subfiles
CN110414217A (en) * 2019-07-31 2019-11-05 广东小天才科技有限公司 Method for safe operation, device, electronic equipment and the storage medium of application program
CN111800416A (en) * 2020-07-03 2020-10-20 西南大学 Cryptographic protocol analysis method based on non-monotonicity dynamic cognitive logic
CN112130863A (en) * 2020-08-18 2020-12-25 许继集团有限公司 Protection method for preventing disassembly of client program

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030097577A1 (en) * 2001-11-20 2003-05-22 Rainbow Technologies, Inc. Software protection method utilizing hidden application code in a protection dynamic link library object
CN102938036A (en) * 2011-11-29 2013-02-20 Ut斯达康通讯有限公司 Section double encryption and safe loading method of Windows dynamic link library
CN106295370A (en) * 2016-08-19 2017-01-04 北京奇虎科技有限公司 A kind of method and apparatus of the dynamic link library (DLL) file reinforcing installation kit

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20030097577A1 (en) * 2001-11-20 2003-05-22 Rainbow Technologies, Inc. Software protection method utilizing hidden application code in a protection dynamic link library object
CN102938036A (en) * 2011-11-29 2013-02-20 Ut斯达康通讯有限公司 Section double encryption and safe loading method of Windows dynamic link library
CN106295370A (en) * 2016-08-19 2017-01-04 北京奇虎科技有限公司 A kind of method and apparatus of the dynamic link library (DLL) file reinforcing installation kit

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
蔡郑: "DRM客户端的代码保护研究", 《万方数据》 *

Cited By (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN108985096A (en) * 2018-07-13 2018-12-11 厦门市美亚柏科信息股份有限公司 A kind of enhancing of Android SQLite database security, method for safely carrying out and device
CN108985096B (en) * 2018-07-13 2021-11-02 厦门市美亚柏科信息股份有限公司 Security enhancement and security operation method and device for Android SQLite database
CN109446751A (en) * 2018-09-30 2019-03-08 深圳市迷你玩科技有限公司 Generate the method, apparatus and storage medium of the data set including multiple subfiles
CN109359451A (en) * 2018-11-12 2019-02-19 兴科迪科技(泰州)有限公司 A kind of architecture based on security control box container, method and system
CN110414217A (en) * 2019-07-31 2019-11-05 广东小天才科技有限公司 Method for safe operation, device, electronic equipment and the storage medium of application program
CN110414217B (en) * 2019-07-31 2023-03-24 广东小天才科技有限公司 Safe operation method and device of application program, electronic equipment and storage medium
CN111800416A (en) * 2020-07-03 2020-10-20 西南大学 Cryptographic protocol analysis method based on non-monotonicity dynamic cognitive logic
CN111800416B (en) * 2020-07-03 2021-07-27 西南大学 Cryptographic protocol analysis method based on non-monotonicity dynamic cognitive logic
CN112130863A (en) * 2020-08-18 2020-12-25 许继集团有限公司 Protection method for preventing disassembly of client program
CN112130863B (en) * 2020-08-18 2023-10-20 许继集团有限公司 Protection method for preventing disassembly of client program

Similar Documents

Publication Publication Date Title
CN108229106A (en) A kind of dynamic base encryption and decryption and dynamic loading method based on interaction protocol
CN102890758B (en) Method and system for protecting executable file
CN105956456B (en) A kind of pair of android system carries out the implementation method of quadruple combinations signature verification
CN104581214B (en) Multimedia content guard method based on ARM TrustZone systems and device
CN102932349B (en) Data transmission method, device and system
CN106650327A (en) so file dynamic recovery-based Android application reinforcement method
CN109376504A (en) A kind of picture method for secret protection based on block chain technology
CN109992987B (en) Script file protection method and device based on Nginx and terminal equipment
WO2021217980A1 (en) Java code packing method and system
CN105681039A (en) Method and device for secret key generation and corresponding decryption
JPWO2004006075A1 (en) Open general-purpose attack-resistant CPU and its application system
KR20070001893A (en) Tamper-resistant trusted virtual machine
CN101751529A (en) Method and apparatus for the secure processing of confidential content within a virtual machine of a processor
JP2003309550A (en) Data operation method
WO2017181968A1 (en) Method for processing application file, method and device for accessing application file, and storage medium
CN109104724A (en) A kind of data ciphering method and device for device upgrade
CN107480478A (en) A kind of encryption method and operation method of JAVA application programs
CN105095771A (en) Method and apparatus for protecting shared target file
WO2021036511A1 (en) Method for data encryption, storage and reading, terminal device, and storage medium
CN111339201A (en) Evaluation method and system based on block chain
CN108199827A (en) Client code integrity checking method, storage medium, electronic equipment and system
CN106709380A (en) Encryption and decryption method and system capable of aiming at disk data memory area
CN109697366A (en) A kind of Android file transparent encipher-decipher method based on hook
CN102375954B (en) A kind of software application authentication method and device
CN112069535B (en) Dual-system safety intelligent terminal architecture based on access partition physical isolation

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication

Application publication date: 20180629

RJ01 Rejection of invention patent application after publication