CN111338664A - Image file packaging method and image file packaging system - Google Patents
Image file packaging method and image file packaging system Download PDFInfo
- Publication number
- CN111338664A CN111338664A CN201811553896.0A CN201811553896A CN111338664A CN 111338664 A CN111338664 A CN 111338664A CN 201811553896 A CN201811553896 A CN 201811553896A CN 111338664 A CN111338664 A CN 111338664A
- Authority
- CN
- China
- Prior art keywords
- image file
- initial
- core
- file
- signature
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 57
- 238000004806 packaging method and process Methods 0.000 title claims abstract description 35
- 238000013507 mapping Methods 0.000 claims abstract description 23
- 238000012795 verification Methods 0.000 description 14
- 238000010586 diagram Methods 0.000 description 8
- 230000006870 function Effects 0.000 description 4
- 238000012856 packing Methods 0.000 description 3
- 238000013461 design Methods 0.000 description 2
- 238000012356 Product development Methods 0.000 description 1
- 238000011161 development Methods 0.000 description 1
- 238000012423 maintenance Methods 0.000 description 1
- 238000005192 partition Methods 0.000 description 1
- 238000012857 repacking Methods 0.000 description 1
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F8/00—Arrangements for software engineering
- G06F8/60—Software deployment
- G06F8/65—Updates
Landscapes
- Engineering & Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Physics & Mathematics (AREA)
- General Physics & Mathematics (AREA)
- Editing Of Facsimile Originals (AREA)
Abstract
A method and system for packaging image files are provided. The image file packaging method is used in a first device, the first device comprises a storage device and a first processor, and the image file packaging method comprises the following steps: receiving a core image file by a first device; wherein, an initial core header is located in the core mapping file; storing an initial application program and the core mapping file by a storage device; and executing a hash tree generation process by a first processor, the hash tree generation process performing the steps of: an initial hash tree of the initial application is calculated, an initial root node is obtained, and the initial root node is embedded into the initial core header to generate an updated core header. The image file packaging method of the invention can lead the client to generate various complete image files in real time when the client updates the application program, and also can provide a mechanism for verifying a new version of application program and protecting the complete image files.
Description
Technical Field
The present invention relates to a mechanism for packaging files, and more particularly, to a method and a system for packaging image files.
Background
Generally, in the case that the client requires the contractor to practice the system software or firmware, the contractor usually encrypts or signs the system software or firmware by using the algorithm for protecting and verifying the system software or firmware, so that the integrity of the root file system flash block (flash partition) and the client application storage block is protected when the protected system software or firmware is run by the Linux kernel of the platform.
However, typically, the customer does not buy the contractor to develop or migrate the suite of application designs within the kernel, and thus, in the event that protection of the integrity of the customer's software block must be achieved, the Linux kernel source code must be recompiled each time the customer releases a new version of the application software. Therefore, after the product development is completed, the client must rely on the resources of the contractor to recompile the software each time the software is updated. In addition, when the client software is updated frequently, the contractor needs to repackage the core image file, the maintenance cost between the repeated updating and the packing is high, and if the original code in the core image file is given to the client, the problem of leakage of the business secret is caused, because other parts in the core image file contain the special technology (knock-how) of the contractor.
Therefore, it is one of the problems to be solved in the art to completely cut off the software development of contractors and software update of customers and to provide security protection for image files.
Therefore, it is desirable to provide an image file packaging method and an image file packaging system to solve the above problems.
Disclosure of Invention
According to an embodiment of the present disclosure, a method for packaging an image file is provided, where the method is used in a first device, the first device includes a storage device and a first processor, and the method includes: receiving a core image file by a first device; wherein, an initial core header is located in the core mapping file; storing an initial application program and the core mapping file by a storage device; and executing a hash tree generation process by a first processor, the hash tree generation process performing the steps of: an initial hash tree of the initial application is calculated, an initial root node is obtained, and the initial root node is embedded into the initial core header to generate an updated core header.
In one embodiment, the initial core header is generated by a second processor of a second device.
In one embodiment, a signature process is executed by the first processor, the signature process treats the core image file and the updated core header as a complete image file, the complete image file is signed to obtain a signature file, and the signature file is embedded into the complete image file.
In one embodiment, a new version of the application is obtained or generated by the first device, the first processor executes the hash tree generation process, calculates a new version of the hash tree for the new version of the application, and replaces the initial root node with a new version of the root node hash value of the new version of the hash tree to generate the new version of the core header.
In one embodiment, the first processor is further configured to execute a signature program, the signature program regards the core image file and the new version of the core header as a complete image file, performs signature on the complete image file to obtain a signature file, and embeds the signature file into the complete image file.
According to another embodiment of the present disclosure, there is provided an image file packaging system including: a first device. The first device is used for receiving a core mapping file. Wherein an initial core header is located in the core image file. The first device comprises a storage device and a first processor. The storage device is used for storing an initial application program and a core mapping file. The first processor is used for executing a hash tree generation program, and the hash tree generation program executes the following steps: the storage device reads the initial application program, calculates an initial hash tree of the initial application program, obtains an initial root node, and embeds the initial root node into the initial core header to generate an updated core header.
According to another embodiment of the present disclosure, there is provided an image file packaging system including: a first device for receiving a core image file; wherein, an initial core header is located in the core mapping file; the first device includes: a storage device for storing an initial application program and the core mapping file; and a first processor, the first processor being configured to execute a hash tree generation program, the hash tree generation program performing the steps of: an initial hash tree of the initial application is calculated, an initial root node is obtained, and the initial root node is embedded into the initial core header to generate an updated core header.
The image file packing method and the image file packing system can calculate the new version core header by self when the device of the client terminal wants to update the application program, do not need to change the core image file provided by a contractor, can be used for the subsequent verification process, and can also carry out signature on the complete image file to protect the complete image file in multiple ways. Therefore, the image file packaging method of the invention can avoid changing the core image file provided by the contractor when the client updates the application program, avoids the contractor consuming the time for burning the whole image file, enables the client to generate various complete image files in real time, and also provides a mechanism for verifying the new version application program and protecting the complete image file.
Drawings
FIG. 1 is a block diagram illustrating an image file packaging system according to an embodiment of the invention.
FIG. 2 is a diagram illustrating a verification hash tree according to an embodiment of the present invention.
Fig. 3A to fig. 3C are schematic diagrams illustrating a method for packaging an image file according to an embodiment of the invention.
FIG. 4 is a diagram illustrating a verification process according to an embodiment of the invention.
Description of the main component symbols:
100 first device
10 storage device
20 first processor
root _ hash verification root node
B01-B22 data blocks
30 core mapping file
40 updating core headers
60 initial application
70 validating a hash tree
80 signature file
P1 Hash Tree Generation program
50 when the image file is complete
P2 signature program
P3 boot program
Detailed Description
The following description is of the best mode for carrying out the invention and is intended to illustrate the general spirit of the invention and not to limit the invention. Reference must be made to the appended claims for an actual summary of the invention.
It will be understood that the terms "comprises" and "comprising," when used in this specification, specify the presence of stated features, integers, method steps, operations, elements, and/or components, but do not preclude the presence or addition of further features, integers, method steps, operations, elements, components, and/or groups thereof.
Use of the terms "first," "second," "third," and the like in the claims is used to modify a claim element without indicating a priority, precedence, or order between elements, or the order in which a method step is performed, but is intended to distinguish one element from another element having a same name.
In an embodiment, referring to fig. 1 to 2, fig. 1 is a block diagram illustrating an image file packaging system according to an embodiment of the invention. FIG. 2 is a diagram illustrating a verification hash tree according to an embodiment of the present invention. The image file packaging system comprises a first device 100. In one embodiment, the first device 100 is a client device. In one embodiment, the first device 100 may be a computer, a tablet, a mobile phone or other electronic devices with computing functions. The first device 100 is configured to receive a core image file and a hash tree generation procedure, and generate an updated core header, wherein the updated core header includes an initial root node. The first device 100 includes a storage device 10 and a first processor 20.
In one embodiment, the storage device 10 can be embodied as a read-only memory, a flash memory, a floppy disk, a hard disk, a compact disk, a portable disk, a magnetic tape, a database accessible by a network, or a storage medium with the same functions as those of the storage device can be easily realized by one skilled in the art. The storage device 10 stores an initial application, a core image file, an updated core header, and a hash tree generation procedure.
In one embodiment, the initial application includes information such as an executive, a library, a configuration file, a key, etc., and the initial application may be an image file whose functions are, for example, vehicle management, vehicle entertainment and/or vehicle control, etc., and may be executed by a processor (e.g., a Network Access Device (NAD)) in the product. However, this is only an example, and the present disclosure is not limited thereto.
In one embodiment, the first processor 20 may be implemented by an integrated circuit such as a micro control unit (microcontroller), a microprocessor (microprocessor), a digital signal processor (digital signal processor), an Application Specific Integrated Circuit (ASIC), or a logic circuit.
In one embodiment, the first processor 20 is configured to execute a hash tree generation procedure. The first processor 20 executes the following steps after loading the hash tree generation program: the first processor 20 reads the initial application from the storage device 10, calculates an initial hash tree of the initial application to obtain an initial root node of the initial hash tree, and embeds the initial root node into the initial core header to generate the updated core header.
For example, as shown in fig. 2, the first processor 20 reads the initial application 60 from the storage device 10, disassembles the initial application into one data block B01-B04 every 4k bytes (byte), in other words, each of the data blocks B01-B04 is 4k bytes, performs Hash (Hash) operation on each of the data blocks B01-B04, performs Hash operation (Hash (B01)) on the data block B01 to obtain a Hash value B11, performs Hash operation (Hash (B02)) on the data block B02 to obtain a Hash value B12, performs Hash operation (Hash (B03)) on the data block B03 to obtain a Hash value B13, performs Hash operation (Hash (B04)) on the data block B04 to obtain a Hash value B14, and concatenates the Hash values B11 and B12 to 4k bytes (byte) and performs Hash operation (Hash) on the Hash value B11 and B12
) The Hash value B11 and the Hash value B12 are concatenated and then subjected to Hash operation) to obtain a Hash value B21, and the Hash values B13 and B14 are subjected to Hash operation (Hash operation)
) Then, a Hash value B22 is obtained, and finally, the data blocks B21 and B22 are subjected to Hash operation (Hash)
) And then obtaining the initial root node root _ hash. For example, the data block B11 and the data block B12 may be added, and the result of the addition is substituted into a Hash function (i.e., the expression is: Hash (B11+ B12)), which is only provided herein.
Thus, the first processor 20 can calculate an initial hash tree of the initial application 60 by using the above method, obtain an initial root node root _ hash of the initial hash tree in the same manner, and embed the initial root node root _ hash into the initial core header (e.g., the initial core header 35 in fig. 3A) to generate an updated core header 40 (e.g., the updated core header 40 in fig. 3B).
In one embodiment, as shown in fig. 2, through a series of hash operations, the initial root node root _ hash is also 32 bytes, and the initial root node root _ hash is smaller than the original data, so that the amount of data to be compared can be greatly reduced during verification. In addition, the size of the disassembled data block can be adjusted according to the actual design practice of the system, and is not limited thereto.
Referring to fig. 3A to 3C, fig. 3A to 3C are schematic diagrams illustrating a method for packaging an image file according to an embodiment of the invention. In one embodiment, as shown in FIG. 3A, the kernel image file (kernel image)30 is generated by a processor (hereinafter referred to as a second processor) in a second device, such as a server, a computer, a tablet, a mobile phone or other electronic device with computing capability of the kernel source contractor.
In one embodiment, the core image file 30 may be provided to the client device (e.g., the first device) by being manufactured by various computers or various electronic devices and then placed on a server or other media.
In one embodiment, the initial core header 35 is generated by the second processor. The initial core header 35 is used to keep some space available for defining values or adding header information.
In one embodiment, the core image file 30 includes an initial core header 35, and the initial core header 35 includes a blank field for embedding the initial root _ hash in the subsequent step.
In one embodiment, the second device initially transmits the kernel image file 30, the hash tree generator P1 and the signature program (e.g., P2 of FIG. 3C) to the first device 100.
In one embodiment, the storage device 10 of the first device 100 stores the hash tree generation program P1 and the signature program (e.g., P2 of fig. 3C) in advance.
In one embodiment, the storage device 10 of the first device 100 stores the signature program (e.g., P2 of fig. 3C), the second device transmits the hash tree generation program P1 to the first device 100, and the first device 100 stores the hash tree generation program P1 in the storage device 10.
As shown in fig. 3B, after the first device 100 obtains the initial application 60, the hash tree generation procedure P1 is executed to calculate the initial root node root _ hash, and the initial root node root _ hash is embedded into the initial core header 35 to generate the updated core header 40. In other words, the updated core header 40 includes information of the initial root node root _ hash and the initial core header 35.
The update core header 40 is embedded in the front end or the back end of the core image file 30. The core image file 30 and the updated core header 40 are considered to be a full image file 50.
In one embodiment, the first processor 20 executes the signature program P2 to obtain the signature file 80 embedded in the full image file 50. The signature file 80 is embedded in the front end or the back end of the full image file 50. In one embodiment, as shown in FIG. 3C, the first processor (e.g., the first processor 20 in FIG. 1) executes a signature program P2, the signature program P2 treats the core image file 30 and the updated core header 40 as a complete image file 50, signs the complete image file 50 (e.g., using known asymmetric encryption) to obtain a signature file 80, and embeds the signature file 80 into the complete image file 50. Therefore, in the verification stage, the first processor 20 (the processor of the client) or the third processor (the processor on the product) can also decrypt the signature file 80 when receiving the complete image file 50, and if the decryption is successful, it indicates that the complete image file 50 is normal, and if the decryption is failed, it indicates that the complete image file 50 may be tampered.
In one embodiment, the first processor 20 packages the full image file 50, the signature file 80, and the initial application 60 into a piece of software, and burns the piece of software into a third device (e.g., a product). In one embodiment, the product is, for example, a car recorder, tablet, cell phone, or other electronic device.
In one embodiment, as shown in fig. 4, fig. 4 is a schematic diagram illustrating a verification process according to an embodiment of the invention. The processor of the third device (hereinafter referred to as the third processor) performs the boot program P3, for example, by using the same asymmetric encryption method that generates the signature file 80 to determine whether the signature file 80 on the third device can be decrypted correctly, and if the decryption is successful, then the full image file 50 is normal, if the decryption fails, then the full image file 50 may be tampered, and the third processor performs a hash tree verification procedure (same as the hash tree generation procedure P1), generates a verification hash tree 70 according to the initial application 60, obtains a verification root node, compares the verification root node with the initial root node root _ hash in the update core header 40 to determine whether the initial application 60 is correct, and if the two are the same, the initial application 60 is correct and if the two are different, the initial application 60 is incorrect.
In one embodiment, when a first device (for example, the first device 100 in fig. 1 is a client device) acquires or generates a new version of an application, the first processor 20 of the first device 100 executes the hash tree generation program P1 to calculate a new version of a hash tree of the new version of the application, and replaces a new version of a root node hash value of the new version of the hash tree with an initial root node hash value to generate a new version of a core header.
It can be seen that, when the client wants to update the application, the first processor 20 in the first device 100 of the client executes the hash tree generation program P1 to calculate the new version core header and add the new version core header to the front end or the back end of the core image file 30, and the first processor 20 executes the signature program P2 to regard the core image file 30 and the new version core header as a new version image file, and sign the new version image file to obtain a new version signature file, and the first processor 20 embeds the new version signature file into the front end or the back end of the new version image file and burns the new version image file into the product, so that the image file of the product can be updated at the client by itself without changing the core image file 30 provided by the contractor. In addition, the new version of the core header can also be used in the subsequent verification process, which is shown in fig. 4 and its corresponding paragraphs, and thus is not described herein again.
Therefore, the image file packaging method of the invention can greatly reduce the time cost for the contractor to repackage the updated application program to complete the whole image file without changing the core image file 30 provided by the contractor when the client terminal updates the application program, and the client terminal can generate various complete image files in real time.
In one embodiment, after the full image file 50 and the signature file 80 are generated, they can be burned into a product (e.g., a car recorder, tablet, mobile phone or other electronic device), and the product can verify whether the core image file 30 in the full image file 50 is a correct image file.
In one embodiment, the initial application 60 may be provided to the contractor in advance after the client development, and the contractor develops the core image file 30, the hash tree generator P1 and the signature program P2. Then, the contractor only needs to provide the core image file 30, the initial core header 35, the hash tree generator P1 and the signature program P2 to the client device (the first device 100 shown in fig. 1) when releasing the software for the first time; in the subsequent process, the first device 100 generates the full image file 50 and the signature file 80 without modifying the core image file 30 provided by the contractor. In addition, the third device (i.e., product) may apply the above method to determine whether the initial application 60 has been tampered with and/or whether the core image file 30 is a correct image file. Furthermore, when the first device 100 wants to update the application program, the first processor 20 may execute the hash tree generation program P1 to calculate a new version core header and add the new version core header to the back end or the front end of the core mapping file 30, and the first processor 20 may execute the signature program P2 to treat the core mapping file 30 and the new version core header as a new version mapping file and sign the new version mapping file to obtain a new version signature file, and the first processor 20 may embed the new version signature file into the front end or the back end of the new version mapping file and burn the new version mapping file into the third device, thereby completing the product update at the client.
In summary, the image file packaging method and the image file packaging system of the present invention can calculate the new version of the core header by itself when the device of the client wants to update the application, without changing the core image file provided by the contractor, and the new version of the core header can also be used in the subsequent verification process. Therefore, the image file packaging method of the invention can avoid the core image file provided by the contractor when the client updates the application program, avoid the contractor consuming the time for repacking the whole image file, lead the client to generate various complete image files in real time, and provide a mechanism for verifying the new version application program and protecting the complete image file.
Claims (10)
1. A method for packaging image files is used in a first device, the first device comprises a storage device and a first processor, the method comprises:
receiving a core image file by the first device; wherein, an initial core header is located in the core mapping file;
storing an initial application program and the core mapping file by the storage device; and
executing a hash tree generation procedure by the first processor, the hash tree generation procedure executing the following steps:
an initial hash tree of the initial application is calculated, an initial root node is obtained, and the initial root node is embedded into the initial core header to generate an updated core header.
2. The image file packaging method of claim 1, wherein the initial core header is generated by a second processor of a second device.
3. The image file packaging method of claim 1, further comprising:
executing a signature program by the first processor, wherein the signature program regards the core mapping file and the updated core header as a complete mapping file, performs signature on the complete mapping file to obtain a signature file, and embeds the signature file into the complete mapping file.
4. The image file packaging method of claim 1, further comprising:
the first processor executes the hash tree generation program, calculates a new hash tree of the new application program, and replaces the initial root node with a new root node hash value of the new hash tree to generate the new core header.
5. The image file packaging method of claim 4 wherein the first processor is further configured to execute a signature process, the signature process treats the kernel image file and the new version kernel header as a complete image file, performs signature on the complete image file to obtain a signature file, and embeds the signature file into the complete image file.
6. An image file packaging system, comprising:
a first device for receiving a core image file; wherein, an initial core header is located in the core mapping file; the first device includes:
a storage device for storing an initial application program and the core mapping file; and
a first processor, the first processor configured to execute a hash tree generation program, the hash tree generation program performing the steps of:
an initial hash tree of the initial application is calculated, an initial root node is obtained, and the initial root node is embedded into the initial core header to generate an updated core header.
7. The image file packaging system of claim 6, wherein the initial core header is generated by a second processor of a second device.
8. The image file packaging system of claim 6 wherein the first processor is further configured to execute a signature process, the signature process treating the core image file and the updated core header as a complete image file, signing the complete image file to obtain a signature file, and embedding the signature file into the complete image file.
9. The image file packaging system of claim 6, wherein the first device is further configured to obtain or generate a new version of application program, the first processor executes the hash tree generation program to calculate a new version of hash tree for the new version of application program, and replaces the original root node with a new version of root node hash value of the new version of hash tree to generate the new version of core header.
10. The image file packaging system of claim 9 wherein the first processor is further configured to execute a signature process, the signature process treating the core image file and the new version of the core header as a complete image file, signing the complete image file to obtain a signature file, and embedding the signature file into the complete image file.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811553896.0A CN111338664A (en) | 2018-12-18 | 2018-12-18 | Image file packaging method and image file packaging system |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201811553896.0A CN111338664A (en) | 2018-12-18 | 2018-12-18 | Image file packaging method and image file packaging system |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN111338664A true CN111338664A (en) | 2020-06-26 |
Family
ID=71181467
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201811553896.0A Pending CN111338664A (en) | 2018-12-18 | 2018-12-18 | Image file packaging method and image file packaging system |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN111338664A (en) |
Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050132123A1 (en) * | 2003-12-16 | 2005-06-16 | Microsoft Corporation | Creating file systems within a file in a storage technology-abstracted manner |
| CN101499060A (en) * | 2008-01-29 | 2009-08-05 | 广达电脑股份有限公司 | Firmware updating system and method |
| CN103777953A (en) * | 2014-01-26 | 2014-05-07 | 宝龙计算机系统(湖南)有限公司 | Method and device for manufacturing Unix-like operating system upgrade patch |
| CN103777971A (en) * | 2012-10-23 | 2014-05-07 | 新加坡商华科国际股份有限公司 | Electronic device, method for updating firmware, and recording medium capable of being read by computer |
| US20150039872A1 (en) * | 2013-08-05 | 2015-02-05 | Caterpillar Inc. | Multiple Signed Filesystem Application Packages |
| TW201531844A (en) * | 2013-12-10 | 2015-08-16 | Huawei Tech Co Ltd | Operating system recovery method, apparatus and terminal device |
| US20150347162A1 (en) * | 2014-06-03 | 2015-12-03 | Mentor Graphics Corporation | Prelinked embedding |
| CN105228157A (en) * | 2015-09-16 | 2016-01-06 | 华东师范大学 | A kind of wireless sensor network security light weight reprogramming method |
| CN106815530A (en) * | 2016-12-26 | 2017-06-09 | 北京爱接力科技发展有限公司 | Data deposit card method, data verification method and device |
| CN106845279A (en) * | 2017-02-17 | 2017-06-13 | 宇龙计算机通信科技(深圳)有限公司 | The method of calibration and device of security service management entity SSME modules |
-
2018
- 2018-12-18 CN CN201811553896.0A patent/CN111338664A/en active Pending
Patent Citations (10)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US20050132123A1 (en) * | 2003-12-16 | 2005-06-16 | Microsoft Corporation | Creating file systems within a file in a storage technology-abstracted manner |
| CN101499060A (en) * | 2008-01-29 | 2009-08-05 | 广达电脑股份有限公司 | Firmware updating system and method |
| CN103777971A (en) * | 2012-10-23 | 2014-05-07 | 新加坡商华科国际股份有限公司 | Electronic device, method for updating firmware, and recording medium capable of being read by computer |
| US20150039872A1 (en) * | 2013-08-05 | 2015-02-05 | Caterpillar Inc. | Multiple Signed Filesystem Application Packages |
| TW201531844A (en) * | 2013-12-10 | 2015-08-16 | Huawei Tech Co Ltd | Operating system recovery method, apparatus and terminal device |
| CN103777953A (en) * | 2014-01-26 | 2014-05-07 | 宝龙计算机系统(湖南)有限公司 | Method and device for manufacturing Unix-like operating system upgrade patch |
| US20150347162A1 (en) * | 2014-06-03 | 2015-12-03 | Mentor Graphics Corporation | Prelinked embedding |
| CN105228157A (en) * | 2015-09-16 | 2016-01-06 | 华东师范大学 | A kind of wireless sensor network security light weight reprogramming method |
| CN106815530A (en) * | 2016-12-26 | 2017-06-09 | 北京爱接力科技发展有限公司 | Data deposit card method, data verification method and device |
| CN106845279A (en) * | 2017-02-17 | 2017-06-13 | 宇龙计算机通信科技(深圳)有限公司 | The method of calibration and device of security service management entity SSME modules |
Non-Patent Citations (2)
| Title |
|---|
| DAN WILLIAMS,EMIN GUN SIRER: "Optimal Parameter Selection for Efficient Memory Integrity Verification Using Merkle Hash Trees", 《 PROCEEDINGS OF THE THIRD IEEE INTERNATIONAL》 * |
| DAN WILLIAMS,EMIN GUN SIRER: "Optimal Parameter Selection for Efficient Memory Integrity Verification Using Merkle Hash Trees", 《 PROCEEDINGS OF THE THIRD IEEE INTERNATIONAL》, 8 November 2004 (2004-11-08), pages 1 - 6 * |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US8732445B2 (en) | Information processing device, information processing method, information processing program, and integrated circuit | |
| EP3044901B1 (en) | Keying infrastructure | |
| US11829479B2 (en) | Firmware security verification method and device | |
| US20190114401A1 (en) | On device structure layout randomization for binary code to enhance security through increased entropy | |
| JP5740573B2 (en) | Information processing apparatus and information processing method | |
| JP5734685B2 (en) | Program, method, and storage medium for generating software for checking integrity during execution | |
| US20150095652A1 (en) | Encryption and decryption processing method, apparatus, and device | |
| CN104866739A (en) | Application program encryption method and application program encryption system in Android system | |
| US20150095653A1 (en) | Method and apparatus of creating application package, method and apparatus of executing application package, and recording medium storing application package | |
| CN104318155A (en) | Dynamic loading method capable of guarding against reverse APK file | |
| CN108229144B (en) | Verification method of application program, terminal equipment and storage medium | |
| CN104408337A (en) | Reinforcement method for preventing reverse of APK (Android package) file | |
| CN109445705B (en) | Firmware authentication method and solid state disk | |
| CN104573527A (en) | UEFI system updating method based on updating security mechanism | |
| WO2022078366A1 (en) | Application protection method and apparatus, device and medium | |
| CN113849210A (en) | Firmware upgrading method and device based on TEE | |
| CN116235174A (en) | Apparatus and method for performing encryption algorithm | |
| TWI682296B (en) | Image file packaging method and image file packaging system | |
| US10796004B1 (en) | Split boot for computing devices with secure and insecure states | |
| CN111400771A (en) | Target partition checking method and device, storage medium and computer equipment | |
| US8392714B2 (en) | Secure overlay manager protection | |
| CN111338664A (en) | Image file packaging method and image file packaging system | |
| US11061998B2 (en) | Apparatus and method for providing security and apparatus and method for executing security to protect code of shared object | |
| CN112054895A (en) | Trusted root construction method and application | |
| US11977760B1 (en) | Secure data and instruction loading |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| WD01 | Invention patent application deemed withdrawn after publication | ||
| WD01 | Invention patent application deemed withdrawn after publication |
Application publication date: 20200626 |