CN110909318B - Operating system anti-theft method and device for user equipment and terminal - Google Patents
Operating system anti-theft method and device for user equipment and terminal Download PDFInfo
- Publication number
- CN110909318B CN110909318B CN201911156879.8A CN201911156879A CN110909318B CN 110909318 B CN110909318 B CN 110909318B CN 201911156879 A CN201911156879 A CN 201911156879A CN 110909318 B CN110909318 B CN 110909318B
- Authority
- CN
- China
- Prior art keywords
- operating system
- data
- downloading
- user equipment
- original data
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
- 238000000034 method Methods 0.000 title claims abstract description 52
- 238000012545 processing Methods 0.000 claims description 4
- 238000010586 diagram Methods 0.000 description 4
- 238000005516 engineering process Methods 0.000 description 3
- 230000003993 interaction Effects 0.000 description 3
- 230000008569 process Effects 0.000 description 3
- 238000012795 verification Methods 0.000 description 3
- 230000002159 abnormal effect Effects 0.000 description 2
- 230000002411 adverse Effects 0.000 description 2
- 238000011161 development Methods 0.000 description 2
- 230000000694 effects Effects 0.000 description 2
- 230000006870 function Effects 0.000 description 2
- 230000009286 beneficial effect Effects 0.000 description 1
- 230000000295 complement effect Effects 0.000 description 1
- 238000013461 design Methods 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 230000003287 optical effect Effects 0.000 description 1
- 230000003068 static effect Effects 0.000 description 1
- 230000001360 synchronised effect Effects 0.000 description 1
- 230000001052 transient effect Effects 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
Abstract
An operating system anti-theft method, an operating system anti-theft device and a terminal for user equipment are provided, wherein the method comprises the following steps: when user equipment carries out programming of an operating system, receiving encrypted data sent by the user equipment, wherein the encrypted data is obtained by encrypting original data by the user equipment; decrypting the encrypted data to obtain decrypted data; and feeding back the decrypted data to the user equipment, judging whether the decrypted data is the same as the original data or not by the user equipment, and determining whether to continue downloading the operating system or not according to a judgment result. The technical scheme provided by the invention can verify the legality of the software version, improve the scheme of the product programming operating system and solve the problem that the software version can be programmed at will by lawbreakers.
Description
Technical Field
The invention relates to the technical field of computers, in particular to an operating system anti-theft method and device for user equipment and a terminal.
Background
In recent years, with the rapid development of various scientific technologies, various intelligent devices have appeared in the market, and are popular with users. Especially, the appearance of an Android operating system brings more intelligent hardware and products.
The Android operating system is a Linux-based operating system with free open source codes. The Android operating system is mainly used for mobile devices such as smart phones and tablet computers, and is developed by google corporation and the leader of the open mobile phone alliance. With the development of mobile technology, many traditional electronic products also start to increase functions in mobile aspects, and the Android operating system gradually expands to other fields, such as televisions, digital cameras, game machines, smart watches, and the like. When the Android operating system is used, the product needs to write the software version into the hardware module to control the hardware module, so that the hardware module can be normally used.
However, while the technology is developed, a few illegal persons who speculate to fall back exist, and the intelligent products are used for earning the violence. The lawbreaker intentionally writes the software version that cannot normally run on the hardware module into the hardware module, so that the normal hardware module cannot be used any more, and thus high claims are required for the loan. Many Android device manufacturers often choose to reimburse for their best.
How to optimize the product design and improve the product performance to avoid the occurrence of such events has become a technical problem to be solved urgently.
Disclosure of Invention
The technical problem solved by the invention is how to improve the scheme of programming the software version of the operating system by the user equipment.
In order to solve the above technical problem, an embodiment of the present invention provides an anti-spoofing method for an operating system of a user equipment, including: when user equipment carries out programming of an operating system, receiving encrypted data sent by the user equipment, wherein the encrypted data is obtained by encrypting original data by the user equipment; decrypting the encrypted data to obtain decrypted data; and feeding back the decrypted data to the user equipment, judging whether the decrypted data is the same as the original data or not by the user equipment, and determining whether to continue downloading the operating system or not according to a judgment result.
Optionally, the method for preventing the operating system from being stolen further includes: receiving an indication identifier sent by the user equipment, wherein the indication identifier is used for indicating whether the encrypted data is the same as the original data; and if the indication mark indicates that the decrypted data is the same as the original data, providing an operating system version for the user equipment to download.
Optionally, the encrypting data is encrypted by using an AES algorithm or an RSA algorithm, and the decrypting the encrypting data includes: and decrypting the encrypted data by adopting an AES algorithm or an RSA algorithm.
Optionally, the AES cipher block chaining mode key in the AES algorithm is stored in the download tool device and the user device, respectively.
Optionally, an RSA public key in the RSA algorithm is stored in the user equipment, and an RSA private key in the RSA algorithm is stored in the downloading tool equipment.
Optionally, the candidate encryption/decryption algorithms for encrypting/decrypting the original data are two or more, and the receiving the encrypted data sent by the user equipment includes: and receiving the encrypted data and the encryption and decryption algorithm identification sent by the user equipment, wherein the encryption and decryption algorithm identification is used for indicating the downloading tool equipment to decrypt by adopting the encryption and decryption algorithm represented by the encryption and decryption algorithm identification.
Optionally, the original data is a random number or user-defined data, and the user-defined data includes one or more of the following items of information: operating system version number, operating system version generation date.
In order to solve the above technical problem, an embodiment of the present invention further provides an anti-spoofing method for an operating system of a user equipment, including: when the operating system is programmed, encrypting the original data to obtain encrypted data; sending the encrypted data to a download tool device; receiving decrypted data fed back by the downloading tool equipment, wherein the decrypted data is obtained by decrypting the encrypted data; and judging whether the decrypted data is the same as the original data or not, and determining whether to continue downloading the operating system or not according to a judgment result.
Optionally, the method for preventing the operating system from being stolen further includes: generating an indication identifier, wherein the indication identifier is used for indicating whether the decrypted data is the same as the original data or not; sending the indication identification to the downloading tool equipment; and downloading the operating system version provided by the downloading tool equipment, and programming the downloaded operating system into a ROM (read only memory).
Optionally, the encrypting the original data includes: and encrypting the original data by adopting an AES algorithm or an RSA algorithm.
Optionally, the AES cipher block chaining mode key in the AES algorithm is stored in the download tool device and the user device, respectively.
Optionally, an RSA public key in the RSA algorithm is stored in the user equipment, and an RSA private key in the RSA algorithm is stored in the downloading tool equipment.
Optionally, the candidate encryption and decryption algorithms for encrypting and decrypting the original data are two or more, and the sending the encrypted data to the downloading tool device includes: and sending the encrypted data and the encryption and decryption algorithm identification to the downloading tool equipment, wherein the encryption and decryption algorithm identification is used for indicating the downloading tool equipment to decrypt by adopting the encryption and decryption algorithm represented by the encryption and decryption algorithm identification.
Optionally, the encrypting the original data includes: downloading FDL1 execution files to a first storage space, and running the FDL1 execution files; downloading an FDL2 execution file to a second storage space, and running the FDL2 execution file to encrypt the original data; wherein the first storage space is different from the second storage space.
Optionally, the downloading the FDL1 execution file to the first storage space and running the FDL1 includes: downloading the FDL1 execution file to an SRAM space, and verifying the FDL1 execution file by using RomCode; the downloading of the FDL2 execution files to the second storage space and running the FDL2 execution files to encrypt the original data includes: downloading the FDL2 execution file to a DRAM space, verifying the FDL2 execution file by using the verified FDL1 execution file, and encrypting the original data based on the verified FDL2 execution file.
Optionally, the original data is a random number or user-defined data, and the user-defined data includes one or more of the following items of information: operating system version number, operating system version generation date.
In order to solve the above technical problem, an embodiment of the present invention further provides an operating system anti-piracy device for a user equipment, including: the device comprises a receiving module, a processing module and a processing module, wherein the receiving module is used for receiving encrypted data sent by user equipment when the user equipment carries out operating system programming, and the encrypted data is obtained by encrypting original data by the user equipment; the decryption module is used for decrypting the encrypted data to obtain decrypted data; and the feedback determining module is used for feeding the decrypted data back to the user equipment, and the user equipment judges whether the decrypted data is the same as the original data or not and determines whether to continue downloading the operating system or not according to a judgment result.
In order to solve the above technical problem, an embodiment of the present invention further provides an operating system anti-piracy device for a user equipment, including: the encryption module is used for encrypting the original data to obtain encrypted data when the operating system is programmed; the sending module is used for sending the encrypted data to the downloading tool equipment; the receiving module is used for receiving the decrypted data fed back by the downloading tool equipment, and the decrypted data is obtained by decrypting the encrypted data packet; and the judgment determining module is used for judging whether the decrypted data is the same as the original data or not and determining whether to continue downloading the operating system or not according to the judgment result.
To solve the above technical problem, an embodiment of the present invention further provides a storage medium having stored thereon computer instructions, where the computer instructions execute the steps of the above method when executed.
In order to solve the foregoing technical problem, an embodiment of the present invention further provides a terminal, including a memory and a processor, where the memory stores computer instructions executable on the processor, and the processor executes the computer instructions to perform the steps of the foregoing method.
Compared with the prior art, the technical scheme of the embodiment of the invention has the following beneficial effects:
the embodiment of the invention provides an anti-theft method for an operating system of user equipment, which comprises the following steps: when user equipment carries out programming of an operating system, receiving encrypted data sent by the user equipment, wherein the encrypted data is obtained by encrypting original data by the user equipment; decrypting the encrypted data to obtain decrypted data; and feeding back the decrypted data to the user equipment, judging whether the decrypted data is the same as the original data or not by the user equipment, and determining whether to continue downloading the operating system or not according to a judgment result. According to the technical scheme provided by the embodiment of the invention, the encrypted data is received through the downloading tool, and the decrypted data is returned to the user equipment (for example, android equipment), so that the terminal can determine whether to download the operating system or not through a verification mode. The technical scheme enables the terminal to identify the safe downloading tool equipment and download the software version (such as an operating system) when the safe downloading tool is obtained. The technical scheme provided by the embodiment of the invention improves the process of programming the operating system by the terminal, and can effectively reduce the adverse effect caused by error operation of the operating system.
Further, the candidate encryption/decryption algorithms for encrypting/decrypting the original data are two or more, and the sending the encrypted data to the download tool device includes: and sending the encrypted data and the encryption and decryption algorithm identification to the downloading tool equipment, wherein the encryption and decryption algorithm identification is used for indicating the downloading tool equipment to decrypt by adopting the encryption and decryption algorithm represented by the encryption and decryption algorithm identification. The embodiment of the invention allows the user equipment to select one encryption and decryption algorithm from a plurality of encryption and decryption algorithms and inform the downloading tool equipment through the encryption and decryption algorithm identification, so that the downloading tool equipment can select the decryption algorithm according to the encryption and decryption algorithm identification, thereby providing a feasible scheme for verifying the authenticity of the operating system.
Drawings
FIG. 1 is a flow chart illustrating an anti-spoofing method for an operating system of a user device according to an embodiment of the present invention;
FIG. 2 is a flowchart illustrating a further method for operating system anti-spoofing for a user device according to the illustrative embodiment;
FIG. 3 is a flowchart illustrating a software version anti-spoofing method in an exemplary scenario according to an embodiment of the present invention;
FIG. 4 is a schematic structural diagram of an operating system anti-piracy device for a user equipment according to an embodiment of the present invention;
fig. 5 is a schematic structural diagram of an operating system anti-piracy device for a user equipment according to another embodiment of the present invention.
Detailed Description
As described in the background art, in the prior art, the user equipment has a problem that the normal hardware module cannot be used due to the fact that the abnormal operating system software version is programmed into the hardware module.
The embodiment of the invention provides an anti-theft method for an operating system of user equipment, which comprises the following steps: when user equipment carries out programming of an operating system, receiving encrypted data sent by the user equipment, wherein the encrypted data is obtained by encrypting original data by the user equipment; decrypting the encrypted data to obtain decrypted data; and feeding back the decrypted data to the user equipment, judging whether the decrypted data is the same as the original data or not by the user equipment, and determining whether to continue downloading the operating system or not according to a judgment result.
According to the technical scheme provided by the embodiment of the invention, the encrypted data is received through the downloading tool, and the decrypted data is returned to the user equipment (for example, android equipment), so that the terminal can determine whether to download the operating system or not through a verification mode. The technical scheme enables the terminal to identify the safe downloading tool and download the software version (such as an operating system) when the safe downloading tool is used. The technical scheme provided by the embodiment of the invention improves the process of programming the operating system by the terminal, and can effectively reduce the adverse effect caused by error operation of the operating system.
In order to make the aforementioned objects, features and advantages of the present invention comprehensible, embodiments accompanied with figures are described in detail below.
Fig. 1 is a flowchart illustrating an operating system anti-spoofing method for a user device according to an embodiment of the present invention. The operating system anti-piracy method can be used in a download tool device that establishes a connection with a user device. The download tool apparatus may also be referred to simply as a download tool.
In an exemplary embodiment, the user device is an android device and the operating system is an android operating system.
Specifically, the operating system anti-piracy method may include the steps of:
step S101, when user equipment carries out operating system programming, receiving encrypted data sent by the user equipment, wherein the encrypted data is obtained by encrypting original data by the user equipment;
step S102, decrypting the encrypted data to obtain decrypted data;
step S103, feeding the decrypted data back to the user equipment, and the user equipment judges whether the decrypted data is the same as the original data or not and determines whether to continue downloading the operating system or not according to the judgment result.
More specifically, the user equipment manufacturer may generate a random number as the raw data, may also use the software version generation date as the raw data, or may use the software version number and the software generation date as the raw data. Where software may refer to an operating system, software versions may refer to operating system software versions.
For example, the original data may be a random number or user-defined data, and the user-defined data may include one or more of the following items of information: operating system version number, operating system version generation date, the user may refer to the user equipment manufacturer.
In a specific implementation, when the user equipment downloads the software version, the user equipment may encrypt the original data. In one embodiment, the user equipment encrypting the original data may comprise the steps of: first, the user device may download FDL1 executable files to a first storage space and run the FDL1 executable files. Thereafter, the user device may download an FDL2 execution file to the second storage space and run the FDL2 execution file to encrypt the original data.
Wherein the first storage space is different from the second storage space. The FDL1 executable file is mainly used for initializing a DRAM, that is, initializing a Double Data Rate (DDR) synchronous dynamic random access memory (DDR), so that the DDR can be normally used, and further downloading the FDL2 executable file to the DDR.
The main function of the FDL2 in executing files is to download an operating system to the DDR, and then write the operating system from the DDR to a hardware memory, that is, write the operating system to an Embedded memory (eMMC).
In one embodiment, the user equipment may encrypt the pair of original data using Advanced Encryption Standard (AES) or asymmetric Encryption RSA algorithm.
In a specific implementation, an AES Cipher Block Chaining (CBC) key in the AES algorithm is stored in the downloading tool device and the user device, respectively.
In a specific implementation, the RSA public key in the RSA algorithm may be stored in the user device, and the RSA private key in the RSA algorithm is stored in the downloading tool device.
In a specific implementation, after obtaining the encrypted data, when the user equipment performs software version programming, the user equipment may first send the encrypted data to the downloading tool equipment.
In step S101, when the user equipment performs software version programming, the downloading tool device may receive, from the user equipment, encrypted data sent by the user equipment.
In one embodiment, the encrypted data is 32 bytes.
In step S102, the downloader device may decrypt the encrypted data by using an AES algorithm or an RSA algorithm. Specifically, if the encrypted data is encrypted by using the AES algorithm, the downloader device may decrypt the encrypted data by using the AES CBC key to obtain decrypted data; if the encrypted data is encrypted by adopting the RSA algorithm, the downloading tool equipment can decrypt by adopting an RSA private key of the RSA algorithm to obtain decrypted data.
In a specific implementation, if the candidate encryption/decryption algorithms for encrypting/decrypting the original data are two or more, the user equipment sends the encryption algorithm adopted by the encrypted data to the download tool equipment when sending the encrypted data.
For example, when the user equipment transmits the encrypted data, the user equipment transmits the encryption and decryption algorithm identification together. And the encryption and decryption algorithm identifier is used for indicating the downloading tool equipment to decrypt by adopting the encryption and decryption algorithm represented by the encryption and decryption algorithm identifier.
And when the downloading tool equipment receives the encrypted data and the encryption and decryption algorithm identification sent by the user equipment, the downloading tool equipment can know the encryption algorithm adopted by the encrypted data, and can further use the corresponding decryption algorithm to finish decryption operation when decrypting the encrypted data, so that the decrypted data is obtained.
In step S103, the downloader device may feed back the decrypted data to the user device, so that the user device may determine whether the decrypted data is the same as the original data.
Thereafter, the user device may send an indication identifier to the download tool device, where the indication identifier is used to indicate whether the encrypted data is the same as the original data. When the downloader device finds that the decrypted data is the same as the original data, a software version may be provided for the user device for downloading by the user device. For example, the downloading device may prepare for downloading, providing the user device with an operating system software version for downloading by the user device.
FIG. 2 is a flowchart illustrating a method for operating system anti-spoofing for a user device according to an embodiment of the present disclosure. The operating system anti-theft method can be applied to user equipment, and can effectively intercept the abnormal operating system software version downloaded by the user equipment.
Specifically, the operating system anti-piracy method may include the steps of:
step S201, when the operating system is programmed, encrypting original data to obtain encrypted data;
step S202, sending the encrypted data to download tool equipment;
step S203, receiving the decrypted data fed back by the downloading tool equipment, wherein the decrypted data is obtained by decrypting the encrypted data;
step S204, judging whether the decrypted data is the same as the original data or not, and determining whether to continue downloading the operating system or not according to the judgment result.
More specifically, in step S201, when the operating system programming is performed, the user equipment may encrypt the original data, thereby obtaining encrypted data.
In a specific implementation, the original data may be a random number or user-defined data, and the user-defined data includes one or more of the following information: operating system version number, operating system version generation date.
In one embodiment, the user equipment may employ an AES algorithm to encrypt the pair of original data. Wherein the AES cipher block chaining mode key in the AES algorithm may be stored in the download tool device and the user device, respectively.
In another embodiment, the user equipment may encrypt the pair of original data using an RSA algorithm. The RSA public key in the RSA algorithm can be stored in the user equipment, and the RSA private key in the RSA algorithm is stored in the downloading tool equipment.
In one embodiment, encrypting the original data may further include: first, the user device may download FDL1 executable files to a first storage space and run the FDL1 executable files. Thereafter, the user device may download an FDL2 execution file to a second storage space and run the FDL2 execution file to encrypt the original data; wherein the first storage space is different from the second storage space.
For example, the user equipment may download the FDL1 execution file to a Static Random Access Memory (SRAM) space, and check the FDL1 execution file by using the RomCode. Then, the user equipment downloads the FDL2 execution file to a Dynamic Random Access Memory (DRAM) space, verifies the FDL2 execution file by using the successfully verified FDL1 execution file, and encrypts the original data based on the successfully verified FDL2 execution file. Wherein, the RomCode refers to a program code solidified in a Read Only Memory (ROM) of a main chip of the user equipment.
In a specific implementation, when two or more candidate encryption/decryption algorithms are used for encrypting/decrypting the original data, the ue may select one of the candidate encryption/decryption algorithms as the encryption/decryption algorithm.
At this time, when the user equipment sends the encrypted data, the user equipment sends an encryption and decryption algorithm identifier to the downloading tool equipment together, where the encryption and decryption algorithm identifier is used to instruct the downloading tool equipment to decrypt by using the encryption and decryption algorithm represented by the encryption and decryption algorithm identifier.
In step S203, the user equipment may receive the decrypted data fed back by the downloading tool equipment, where the decrypted data is obtained by decrypting the encrypted data packet.
Then, in step S204, the user equipment may determine whether the decrypted data is the same as the original data, and determine whether to continue downloading the operating system according to the determination result. For example, if the determination result indicates that the decrypted data is the same as the original data, the downloading of the operating system software version is continued at the downloading tool device. Otherwise, stopping downloading the operating system software version in the downloading tool equipment.
In specific implementation, after receiving the decrypted data fed back by the downloading tool device, the android system further generates an indication identifier, where the indication identifier is used to indicate whether the decrypted data is the same as the original data; and sending the indication mark to the downloading tool equipment.
Further, the user device may download the operating system version provided by the downloading tool device, and write the downloaded operating system to the ROM memory.
Those skilled in the art understand that the steps S201 to S204 can be regarded as execution steps corresponding to the steps S101 to S103 described in the above embodiment shown in fig. 1, and the two steps are complementary in specific implementation principle and logic. Therefore, the explanation of the terms in this embodiment can refer to the description of the embodiment shown in fig. 1, and will not be repeated here.
In the specific implementation, the user equipment is taken as an android device for example. First, the AES CBC algorithm and RSA algorithm may be added to the program (i.e., Android Uboot) code of the Android device. The AES CBC algorithm and the RSA decryption algorithm are added to the downloading tool equipment. Then, adding a code for interaction between the Android device and the downloading tool device in the Android Uboot code, and defining an interaction protocol; and adding a code for interacting with the Android Uboot in the downloading tool equipment to define an interaction protocol. Thereafter, an android device Secure Boot (Secure Boot) flow may be opened to prevent FDL1/FDL2 execution files from being replaced, "/" may be understood as or.
Further, the android device is taken as a mobile phone for explanation. Fig. 3 is a flowchart illustrating a software version anti-piracy method in a typical scenario according to an embodiment of the present invention. After the handset enters the download mode, the handset initiates a download operation over a Universal Serial Bus (USB). Referring to fig. 3, first, in step S301, the mobile phone downloads the FDL1 executable file (i.e. the FDL1 shown in the figure) into the SRAM of the mobile phone. Next, in step S302, the handset checks whether the file execution of FDL1 is correct by using the RomCode. Again, if the verification is successful, step S303 is executed, otherwise step S304 is executed, i.e. the handset stops downloading the software version (e.g. operating system software version). In step S303, the mobile phone downloads the FDL2 executable file (i.e., the illustrated FDL2) to the mobile phone DRAM. Thereafter, in step S305, the file is executed using the FDL1 to verify whether the file is executed correctly by the FDL 2.
Further, if the check result indicates that FDL2 executed the file error, go to step S304, otherwise, go to step S306. In step S306, the mobile phone runs FDL2 to execute the file to generate original data, and generates encrypted data using an encryption algorithm. Further, step S307 is executed, the mobile phone sends the encrypted data to the downloading tool by using the USB; then, in step S308, the download tool handset receives the encrypted data and decrypts the encrypted data by using the key to obtain decrypted data. Further, in step S309, the downloading tool sends the decrypted data to the mobile phone.
Further, in step S310, the mobile phone determines whether the original data is the same as the decrypted data, and if so, step S311 is executed, that is, the mobile phone downloads the software version and writes the software version into the ROM, otherwise, step S304 is executed, that is, the mobile phone stops downloading the software version.
Wherein, the work of programming the software version is completed in the FDL2 execution file of the mobile phone. The FDL2 execution file may store an AES CBC Key or RSA Public Key (Public Key) and the raw data, which may be 32 bytes of data. The 32 bytes of data may be a random number, or may be user-defined data for identifying a soft version number and/or a software generation date, etc. Correspondingly, the downloading tool stores AES CBC Key or RSA Private Key (Private Key), and all keys are generated and maintained by the android device manufacturer.
In particular implementations, the original data may be encrypted using the AES CBC key or RSA public key after the downloaded FDL2 performs normal file operations. If the mobile phone stores both the CBC key and the RSA public key, the mobile phone may generate a flag bit bSupportRandomNum according to a preset criterion to select an encryption algorithm from a plurality of candidate encryption algorithms, and encrypt the original data. For example, when the flag bit bSupportRandomNum is 1, the AES CBC encryption algorithm is employed, and when the flag bit bSupportRandomNum is 2, the RSA encryption algorithm is employed.
Then, the mobile phone may use the flag bit as an encryption/decryption algorithm identifier, where the encryption/decryption algorithm identifier is used to instruct the downloading tool device to perform decryption by using the encryption/decryption algorithm represented by the encryption/decryption algorithm identifier. Further, the handset may send the encrypted data to the download tool via USB. Specifically, the data transmitted to the download tool by the FDL2 execution file includes the value of the flag bit bSupportRandomNum and encrypted data.
Further, when the download tool receives the value of the flag bit bSupportRandomNum and the encrypted data, the received data may be parsed. Specifically, the downloading tool first determines the value of the flag bit bSupportRandomNum, and then decrypts the encrypted data by using the corresponding AES CBC key or RSA private key. The downloader then sends the decrypted data to FDL2 for execution.
Further, after the FDL2 executes the file and receives the decrypted data sent by the downloading tool, the file compares whether the decrypted data is consistent with the original data, and sends an indication mark to the downloading tool. For example, if consistent, the indicator indicates that decryption was successful; otherwise, the indication mark represents decryption failure. At this point, the execution of the file by FDL2 will stop downloading the software version.
In the embodiment of the invention, the original data is encrypted through the user equipment (such as android equipment), the downloading tool equipment decrypts the encrypted data by using the key, the legality of the software version can be checked in the process of downloading the software version (such as an operating system) to the user equipment, and the problem that the software version can be freely written by a lawbreaker is solved. Furthermore, after the downloading tool is bound with the user equipment software, the flashing record can be transmitted to a background database of the user, so that the user can conveniently track.
Fig. 4 is a schematic structural diagram of an operating system anti-piracy device for user equipment according to an embodiment of the present invention. The operating system anti-piracy device 4 for the user equipment (hereinafter, referred to as the operating system anti-piracy device 4) may implement the technical solution of the method shown in fig. 1 and is executed by the download tool equipment.
Specifically, the operating system anti-swipe device 4 may include: a receiving module 41, configured to receive encrypted data sent by a user equipment when the user equipment performs operating system programming, where the encrypted data is obtained by encrypting original data by the user equipment; a decryption module 42, configured to decrypt the encrypted data to obtain decrypted data; a feedback determining module 43, configured to feed back the decrypted data to the user equipment, where the user equipment determines whether the decrypted data is the same as the original data, and determines whether to continue downloading the operating system according to a determination result.
For more details on the working principle and working mode of the operating system anti-swipe device 4, reference may be made to the description in fig. 1 and fig. 3, and details are not repeated here.
Fig. 5 is a schematic structural diagram of an operating system anti-piracy device for a user equipment according to another embodiment of the present invention. The operating system anti-piracy device 5 for the user equipment (hereinafter, referred to as the operating system anti-piracy device 5) may implement the technical solution of the method shown in fig. 2, and is executed by the user equipment.
Specifically, the operating system anti-swipe protection device 5 may include: the encryption module 51 is configured to encrypt the original data to obtain encrypted data when the operating system is programmed; a sending module 52, configured to send the encrypted data to the downloading tool device; a receiving module 53, configured to receive decrypted data fed back by the downloading tool device, where the decrypted data is obtained by decrypting the encrypted data packet; and a judgment determining module 54, configured to judge whether the decrypted data is the same as the original data, and determine whether to continue downloading the operating system according to a judgment result.
For more details on the working principle and working mode of the operating system anti-swipe device 5, reference may be made to the description in fig. 2 and fig. 3, and details are not repeated here.
Further, the embodiment of the present invention further discloses a storage medium, on which computer instructions are stored, and when the computer instructions are executed, the method technical solution in the embodiment shown in fig. 1 or the method technical solution in the embodiment shown in fig. 2 is executed. Preferably, the storage medium may include a computer-readable storage medium such as a non-volatile (non-volatile) memory or a non-transitory (non-transient) memory. The computer readable storage medium may include ROM, RAM, magnetic or optical disks, and the like.
Further, an embodiment of the present invention further discloses a terminal, including a memory and a processor, where the memory stores a computer instruction capable of running on the processor, and the processor executes the method technical solution in the embodiment shown in fig. 1 or the method technical solution in the embodiment shown in fig. 2 when running the computer instruction. The terminal may be a user device or a download tool device.
Although the present invention is disclosed above, the present invention is not limited thereto. Various changes and modifications may be effected therein by one skilled in the art without departing from the spirit and scope of the invention as defined in the appended claims.
Claims (19)
1. An operating system anti-piracy method for a user device, comprising:
when user equipment performs operating system programming, receiving encrypted data sent by the user equipment, wherein the encrypted data is obtained by encrypting original data by the user equipment, and the user equipment encrypts the original data, and the method comprises the following steps: downloading FDL1 execution files to a first storage space, and running the FDL1 execution files; downloading an FDL2 execution file to a second storage space, and running the FDL2 execution file to encrypt the original data; wherein the first storage space is different from the second storage space;
decrypting the encrypted data to obtain decrypted data;
and feeding back the decrypted data to the user equipment, judging whether the decrypted data is the same as the original data or not by the user equipment, and determining whether to continue downloading the operating system or not according to a judgment result.
2. The operating system anti-piracy method of claim 1, further comprising:
receiving an indication identifier sent by the user equipment, wherein the indication identifier is used for indicating whether the encrypted data is the same as the original data;
and if the indication mark indicates that the decrypted data is the same as the original data, providing an operating system version for the user equipment to download.
3. The operating system anti-piracy method of claim 1, wherein the encrypted data is encrypted using AES algorithm or RSA algorithm, and the decrypting the encrypted data comprises:
and decrypting the encrypted data by adopting an AES algorithm or an RSA algorithm.
4. The os anti-spoofing method of claim 3, wherein AES cipher block chaining mode keys in said AES algorithm are stored in said downloader device and said user device, respectively.
5. The method according to claim 3, wherein the RSA public key in the RSA algorithm is stored in the user device, and the RSA private key in the RSA algorithm is stored in the download tool device.
6. The operating system anti-piracy method of claim 1, wherein the number of candidate encryption/decryption algorithms for encrypting/decrypting the original data is two or more, and the receiving the encrypted data sent by the user equipment comprises:
and receiving the encrypted data and the encryption and decryption algorithm identification sent by the user equipment, wherein the encryption and decryption algorithm identification is used for indicating the downloading tool equipment to decrypt by adopting the encryption and decryption algorithm represented by the encryption and decryption algorithm identification.
7. The operating system anti-piracy method of any one of claims 1 to 6, wherein the original data is a random number or user-defined data, and the user-defined data comprises one or more of the following information: operating system version number, operating system version generation date.
8. An operating system anti-piracy method for a user device, comprising:
when the operating system is programmed, encrypting the original data to obtain encrypted data; the encrypting the original data comprises: downloading FDL1 execution files to a first storage space, and running the FDL1 execution files; downloading an FDL2 execution file to a second storage space, and running the FDL2 execution file to encrypt the original data; wherein the first storage space is different from the second storage space;
sending the encrypted data to a download tool device;
receiving decrypted data fed back by the downloading tool equipment, wherein the decrypted data is obtained by decrypting the encrypted data;
and judging whether the decrypted data is the same as the original data or not, and determining whether to continue downloading the operating system or not according to a judgment result.
9. The operating system anti-piracy method of claim 8, further comprising:
generating an indication identifier, wherein the indication identifier is used for indicating whether the decrypted data is the same as the original data or not;
sending the indication identification to the downloading tool equipment;
and downloading the operating system version provided by the downloading tool equipment, and programming the downloaded operating system into a ROM (read only memory).
10. The operating system anti-piracy method of claim 8, wherein the encrypting the raw data comprises:
and encrypting the original data by adopting an AES algorithm or an RSA algorithm.
11. The os anti-spoofing method of claim 10, wherein AES cipher block chaining mode keys in said AES algorithm are stored in said downloader device and said user device, respectively.
12. The method according to claim 10, wherein an RSA public key in the RSA algorithm is stored in the user device, and an RSA private key in the RSA algorithm is stored in the download tool device.
13. The os anti-piracy method of claim 8, wherein there are more than two candidate encryption/decryption algorithms for encrypting/decrypting the original data, and the sending the encrypted data to the download tool device comprises:
and sending the encrypted data and the encryption and decryption algorithm identification to the downloading tool equipment, wherein the encryption and decryption algorithm identification is used for indicating the downloading tool equipment to decrypt by adopting the encryption and decryption algorithm represented by the encryption and decryption algorithm identification.
14. The operating system anti-piracy method of claim 8, wherein downloading FDL1 to execute the file to the first storage space and running FDL1 comprises: downloading the FDL1 execution file to an SRAM space, and verifying the FDL1 execution file by using RomCode;
the downloading of the FDL2 execution files to the second storage space and running the FDL2 execution files to encrypt the original data includes: downloading the FDL2 execution file to a DRAM space, verifying the FDL2 execution file by using the verified FDL1 execution file, and encrypting the original data based on the verified FDL2 execution file.
15. The operating system anti-piracy method of any one of claims 8 to 14, wherein the original data is a random number or user-defined data, and the user-defined data includes one or more of the following information: operating system version number, operating system version generation date.
16. An operating system anti-swipe device for a user device, comprising:
the device comprises a receiving module, a processing module and a processing module, wherein the receiving module is used for receiving encrypted data sent by user equipment when the user equipment carries out operating system programming, and the encrypted data is obtained by encrypting original data by the user equipment; the user equipment encrypts original data, and the method comprises the following steps: downloading FDL1 execution files to a first storage space, and running the FDL1 execution files; downloading an FDL2 execution file to a second storage space, and running the FDL2 execution file to encrypt the original data; wherein the first storage space is different from the second storage space;
the decryption module is used for decrypting the encrypted data to obtain decrypted data;
and the feedback determining module is used for feeding the decrypted data back to the user equipment, and the user equipment judges whether the decrypted data is the same as the original data or not and determines whether to continue downloading the operating system or not according to a judgment result.
17. An operating system anti-swipe device for a user device, comprising:
the encryption module is used for encrypting the original data to obtain encrypted data when the operating system is programmed; the encrypting the original data comprises: downloading FDL1 execution files to a first storage space, and running the FDL1 execution files; downloading an FDL2 execution file to a second storage space, and running the FDL2 execution file to encrypt the original data; wherein the first storage space is different from the second storage space;
the sending module is used for sending the encrypted data to the downloading tool equipment;
the receiving module is used for receiving the decrypted data fed back by the downloading tool equipment, and the decrypted data is obtained by decrypting the encrypted data packet;
and the judgment determining module is used for judging whether the decrypted data is the same as the original data or not and determining whether to continue downloading the operating system or not according to the judgment result.
18. A storage medium having stored thereon computer instructions, which when executed by a processor, perform the steps of any of claims 1 to 7 or the method of any of claims 8 to 15.
19. A terminal comprising a memory and a processor, the memory having stored thereon computer instructions executable on the processor, wherein the processor, when executing the computer instructions, performs the method of any one of claims 1 to 7 or performs the steps of the method of any one of claims 8 to 15.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911156879.8A CN110909318B (en) | 2019-11-22 | 2019-11-22 | Operating system anti-theft method and device for user equipment and terminal |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911156879.8A CN110909318B (en) | 2019-11-22 | 2019-11-22 | Operating system anti-theft method and device for user equipment and terminal |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110909318A CN110909318A (en) | 2020-03-24 |
| CN110909318B true CN110909318B (en) | 2022-04-08 |
Family
ID=69818846
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911156879.8A Active CN110909318B (en) | 2019-11-22 | 2019-11-22 | Operating system anti-theft method and device for user equipment and terminal |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110909318B (en) |
Families Citing this family (1)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN114138344A (en) * | 2020-09-04 | 2022-03-04 | 青岛海信移动通信技术股份有限公司 | System checking method and terminal |
Family Cites Families (11)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN101924607B (en) * | 2010-08-27 | 2013-01-23 | 华为终端有限公司 | Firmware processing method based on firmware air transmission technology, device and system thereof |
| CN102122336B (en) * | 2011-02-14 | 2013-09-11 | 中国联合网络通信集团有限公司 | Method, equipment and system for encrypting and decrypting game protection |
| CN105635147A (en) * | 2015-12-30 | 2016-06-01 | 深圳市图雅丽特种技术有限公司 | Vehicle-mounted-special-equipment-system-based secure data transmission method and system |
| US10296757B2 (en) * | 2016-07-29 | 2019-05-21 | Sap Se | Appended key ID for key identification during data encryption |
| CN107784226A (en) * | 2016-08-25 | 2018-03-09 | 大连楼兰科技股份有限公司 | The method and system that code is maliciously tampered are prevented using rivest, shamir, adelman |
| CN106897631B (en) * | 2017-02-03 | 2020-01-17 | Oppo广东移动通信有限公司 | Data processing method, device and system |
| CN108958761A (en) * | 2017-05-25 | 2018-12-07 | 中兴通讯股份有限公司 | A kind of processing method and processing device of device program |
| CN109284114B (en) * | 2017-07-20 | 2022-07-12 | 深圳市中兴微电子技术有限公司 | Automatic burning method for programmable chip in embedded system |
| CN109508532A (en) * | 2017-09-14 | 2019-03-22 | 展讯通信(上海)有限公司 | Equipment safety starting method, apparatus and terminal based on TEE |
| CN110175169B (en) * | 2019-05-30 | 2023-05-09 | 青岛大学 | Encrypted data deduplication method, system and related device |
| CN110399750A (en) * | 2019-07-26 | 2019-11-01 | 深圳市网心科技有限公司 | A kind of thresholding voting method and relevant apparatus based on block chain common recognition |
-
2019
- 2019-11-22 CN CN201911156879.8A patent/CN110909318B/en active Active
Also Published As
| Publication number | Publication date |
|---|---|
| CN110909318A (en) | 2020-03-24 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US10284372B2 (en) | Method and system for secure management of computer applications | |
| TW202009778A (en) | Firmware upgrade method and device | |
| EP2024846B1 (en) | Method of transfering rights object and electronic device | |
| KR100792287B1 (en) | Method for security and the security apparatus thereof | |
| CN101231622B (en) | Data storage method and equipment base on flash memory, as well as data fetch method and apparatu | |
| US20150095652A1 (en) | Encryption and decryption processing method, apparatus, and device | |
| JP2008210225A (en) | Secure processor system, secure processor, and control method for it | |
| TWI436235B (en) | Data encryption method and system, data decryption method | |
| US10103884B2 (en) | Information processing device and information processing method | |
| EP2051181A1 (en) | Information terminal, security device, data protection method, and data protection program | |
| US20180204004A1 (en) | Authentication method and apparatus for reinforced software | |
| CN107809677B (en) | System and method for presetting Widevine keys in batches in television | |
| CN102831357B (en) | Encryption and authentication protection method and system of secondary development embedded type application program | |
| CN110704814B (en) | Anti-copy method and device, and storage medium | |
| EP3041188A1 (en) | Method, device and system for controlling presentation of application | |
| CN110909318B (en) | Operating system anti-theft method and device for user equipment and terminal | |
| JP2008287488A (en) | Data distributing and preserving unit | |
| KR101711024B1 (en) | Method for accessing temper-proof device and apparatus enabling of the method | |
| KR101405915B1 (en) | Method for writing data by encryption and reading the data thereof | |
| US10540298B2 (en) | Protected datasets on tape cartridges | |
| CN110674525A (en) | Electronic equipment and file processing method thereof | |
| CN111639353B (en) | Data management method and device, embedded equipment and storage medium | |
| CN111611603B (en) | Safe volume production control equipment of SATA interface | |
| CN113343215A (en) | Embedded software authorization and authentication method and electronic equipment | |
| US9411984B2 (en) | Cryptographic processing apparatus, cryptographic processing system, and cryptographic processing method |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |