CN115348078A - Method for preventing APP eavesdropping based on verification signature certificate, electronic device and storage medium - Google Patents

Method for preventing APP eavesdropping based on verification signature certificate, electronic device and storage medium Download PDF

Info

Publication number
CN115348078A
CN115348078A CN202210969218.2A CN202210969218A CN115348078A CN 115348078 A CN115348078 A CN 115348078A CN 202210969218 A CN202210969218 A CN 202210969218A CN 115348078 A CN115348078 A CN 115348078A
Authority
CN
China
Prior art keywords
app
background
public key
certificate
terminal
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202210969218.2A
Other languages
Chinese (zh)
Inventor
陈景欣
徐锋
黄坤文
周小辉
梁建硕
刘飘
周睿
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Guangdong Lingnanpass Co ltd
Original Assignee
Guangdong Lingnanpass Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Guangdong Lingnanpass Co ltd filed Critical Guangdong Lingnanpass Co ltd
Priority to CN202210969218.2A priority Critical patent/CN115348078A/en
Publication of CN115348078A publication Critical patent/CN115348078A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for authentication of entities
    • H04L63/0823Network architectures or network communication protocols for network security for authentication of entities using certificates
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H04L63/0435Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload wherein the sending and receiving network entities apply symmetric encryption, i.e. same key used for encryption and decryption
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/08Key distribution or management, e.g. generation, sharing or updating, of cryptographic keys or passwords
    • H04L9/0861Generation of secret information including derivation or calculation of cryptographic keys or passwords
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3247Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving digital signatures
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/32Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials
    • H04L9/3263Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols including means for verifying the identity or authority of a user of the system or for message authentication, e.g. authorization, entity authentication, data integrity or data verification, non-repudiation, key authentication or verification of credentials involving certificates, e.g. public key certificate [PKC] or attribute certificate [AC]; Public key infrastructure [PKI] arrangements

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Computer Hardware Design (AREA)
  • Computing Systems (AREA)
  • General Engineering & Computer Science (AREA)
  • Storage Device Security (AREA)

Abstract

The invention discloses a method for preventing APP eavesdropping based on a verification signature certificate, wherein an APP terminal is provided with a terminal public key A1, a terminal private key A2 and a certificate, the certificate is stored in a native resource directory, and a background public key B is recorded; a background public key B1 and a background private key B2 are arranged in the background; the APP terminal establishes contact with the APP background and sends a request to the APP background to return a background public key B1 to the APP terminal; the APP terminal uses the private key A2 to unlock the certificate, takes out the recorded background public key B, compares the background public key B with the background sending background public key B1, detects whether the background public key B1 is consistent or not, if yes, executes the next step, if not, throws out the abnormity, the APP terminal uses the APP background public key B1 to encrypt the APP terminal public key A1 and the transmission content, transmits the message to the APP background in a message form, the APP background uses the private key B2 to decrypt the message to obtain the APP terminal public key A1, uses the APP terminal public key A1 to encrypt the message to the APP terminal, and the APP terminal background uses the private key A2 to decrypt the message; and the APP terminal encrypts the message and transmits the message to the APP background, and the APP background decrypts the message by using the B2 to obtain the transmission content.

Description

Method for preventing APP eavesdropping based on verification signature certificate, electronic device and storage medium
Technical Field
The invention relates to the field of networks, in particular to a method for preventing APP eavesdropping based on a verification signature certificate, electronic equipment and a storage medium.
Background
At present, in a general APP data transmission process, a background application of the APP, i.e., appmul, has no other verification, but has a verified signature for data transmitted by the APP.
The existing APP data transmission process has the following defects:
although the data transmitted by the APP to the background of the APP is checked, the signature certificate of the APP is not checked, after a data packet is captured by using a penetration tool and a tampered message exists, sign information is synchronously modified, and the signature can be checked through the background of the APP; after the data packet is captured, even phishing codes, virus codes and malicious codes can be added, so that sensitive information of a user is leaked or maliciously attacked, and the security is low.
Disclosure of Invention
In order to overcome the defects of the prior art, an object of the present invention is to provide a method, an electronic device and a storage medium for preventing APP interception based on a verified signature certificate, which can solve the problem of low security.
One of the purposes of the invention is realized by adopting the following technical scheme:
a method for preventing APP eavesdropping based on verifying a signature certificate comprises the following steps:
and S10: the APP terminal comprises a terminal public key A1, a terminal private key A2 and a certificate, wherein the certificate is stored in a native resource directory and records a background public key B; a background public key B1 and a background private key B2 are arranged in the background; the APP terminal establishes contact with an APP background and sends a request;
and S20: the APP terminal establishes contact with the APP background through three-way handshake and sends a request to the APP background;
and S30: the APP background returns the background public key B1 to the APP terminal;
and S40: the APP terminal uses the private key A2 to unlock the certificate, takes out the recorded background public key B, compares the background public key B with the background public key B1 sent by the background, detects whether the background public key B is consistent or not, if yes, executes the next step, and if not, throws out the abnormity;
and S50: the APP terminal encrypts an APP terminal public key A1 and transmission content by using an APP background public key B1, and transmits the encrypted APP terminal public key A1 and the transmission content to the APP background in a message form, wherein the message comprises token, the transmission content, the APP terminal public key A1 and signature content;
s60, a step: the APP background decrypts the message by using the private key B2 to obtain an APP terminal public key A1, the APP terminal public key A1 is used for encrypting the message to the APP terminal, and the APP terminal background decrypts the message by using the private key A2;
and S70: the APP terminal encrypts the message by using an APP background public key B1 and transmits the message to the APP background, and the APP background decrypts the message by using a background private key B2 to obtain the transmission content.
Further, when the steps of S10-S60 are implemented, if a network interruption or token failure occurs or the message is tampered with, the certificate validity is re-verified.
Further, when the steps S10 to S60 are performed, when the certificate validity is re-verified, it is determined whether the certificate is valid by verifying information such as a password, and if the certificate is not verified, an exception is thrown.
Further, when the steps of S10-S60 are implemented, when the certificate validity is re-verified, it is determined whether the data certificate is consistent with the formulated certificate, otherwise, an exception is thrown.
Further, when the steps of S10-S60 are implemented, after the APP terminal sends an https request to the APP background, the APP background checks whether the APP terminal has a specified certificate, if so, whether the detected certificate is valid, if so, password information is verified, if so, whether the detected data certificate is consistent with the specified certificate is detected, if so, the certificate uses a TLS protocol and returns to a Socket factory, and the APP terminal and the APP background perform data transmission through the Socket.
Further, in the step S10, the APP terminal sends an https request to the APP background, and the APP background records information and records time, content, and address of the request.
Further, in step S40, when "the APP terminal decrypts the certificate with the private key A2, takes out the recorded background public key B, and compares it with the background public key B1 sent by the background", if the two are not consistent, the address corresponding to the abnormal request is recorded.
Further, in step S40, the APP background returns the public key to the APP terminal, verifies whether the public key passes, and lists the request address as a blacklist if the number of times of non-passing verification exceeds 3 times.
Further, in step S40, the APP background returns the public key to the APP terminal, verifies whether the public key passes, and if the public key does not pass, lists the request as a tampered request.
An electronic device, comprising: a processor;
a memory; and a program, wherein the program is stored in the memory and configured to be executed by the processor, the program comprising instructions for performing a method of preventing interception of an APP based on verifying a signed certificate.
A computer-readable storage medium having stored thereon a computer program for executing by a processor a method for preventing interception of APPs based on verifying signed certificates.
Compared with the prior art, the invention has the beneficial effects that:
the method comprises the steps that an HTTP (hypertext transfer protocol) terminal sends an https request to an APP background, the APP background records information, and a server generates a corresponding public key and a corresponding private key; the APP background returns the public key to the APP terminal, whether the public key passes is verified, if yes, the APP terminal generates a random secret key, the public key is used for encrypting the secret key, and a secret key after encryption is generated; the APP terminal transmits the encrypted secret key to an APP background, the APP background decrypts the secret key to generate an APP secret key, and the APP secret key and the content are symmetrically encrypted; and the APP background transmits the encrypted content to the APP terminal, and the APP terminal performs secret key decryption to obtain the transmitted content. By adopting the method, an eavesdropper cannot grab the message, tampering can be avoided in the transmission process, reverse analysis, decompilation and secondary packaging of the application are prevented, malicious codes such as various viruses and advertisements are prevented from being embedded, data safety is protected from the source, and the problem of low information safety degree is solved.
The foregoing description is only an overview of the technical solutions of the present invention, and in order to make the technical means of the present invention more clearly understood, the present invention may be implemented in accordance with the content of the description, and in order to make the above and other objects, features, and advantages of the present invention more clearly understood, the following preferred embodiments are described in detail with reference to the accompanying drawings.
Drawings
FIG. 1 is a flow chart of a preferred embodiment of the method for preventing APP interception based on verifying a signature certificate according to the present invention;
FIG. 2 is a schematic diagram of grabbing an APP packet using bursusite;
FIG. 3 is a diagram illustrating modification of body content and synchronous modification of sign signature information;
fig. 4 is a schematic diagram of background signature verification through APP and successful message transmission;
fig. 5 is a schematic diagram of a transmission process between an APP terminal and a background in a general case;
FIG. 6 is a diagram illustrating a transmission process in the presence of an eavesdropper;
FIGS. 7-8 are schematic illustrations of transmissions after application of the method of the present application;
FIG. 9 is a detailed diagram of the specific operation of the method of the present application.
Detailed Description
The present invention will be further described with reference to the accompanying drawings and the detailed description, and it should be noted that any combination of the embodiments or technical features described below can be used to form a new embodiment without conflict.
It will be understood that when an element is referred to as being "secured to" another element, it can be directly on the other element or intervening elements may also be present. When a component is referred to as being "connected" to another component, it can be directly connected to the other component or intervening components may also be present. When a component is referred to as being "disposed on" another component, it can be directly on the other component or intervening components may also be present. The terms "vertical," "horizontal," "left," "right," and the like as used herein are for illustrative purposes only.
Unless defined otherwise, all technical and scientific terms used herein have the same meaning as commonly understood by one of ordinary skill in the art to which this invention belongs. The terminology used in the description of the invention herein is for the purpose of describing particular embodiments only and is not intended to be limiting of the invention. As used herein, the term "and/or" includes any and all combinations of one or more of the associated listed items.
Referring to fig. 1, a method for preventing APP interception based on verifying a signature certificate includes the following steps:
and S10, a step: the APP terminal comprises a terminal public key A1, a terminal private key A2 and a certificate, wherein the certificate is stored in a native resource directory and a background public key B is recorded; a background public key B1 and a background private key B2 are arranged in the background; the APP terminal establishes contact with the APP background and sends a request;
and S20: the APP terminal establishes a connection with the APP background through three-way handshake and sends a request to the APP background;
and S30: the APP background returns the background public key B1 to the APP terminal;
and S40: the APP terminal uses the private key A2 to unlock the certificate, takes out the recorded background public key B, compares the background public key B with the background public key B1 sent by the background, detects whether the background public key B1 is consistent or not, if yes, executes the next step, and if not, throws out the exception;
and S50: the APP terminal encrypts an APP terminal public key A1 and transmission content by using an APP background public key B1, and transmits the encrypted APP terminal public key A1 and the transmission content to the APP background in a message form, wherein the message comprises token, the transmission content, the APP terminal public key A1 and signature content;
and S60: the APP background decrypts the message by using the private key B2 to obtain an APP terminal public key A1, the APP terminal public key A1 is used for encrypting the message to the APP terminal, and the APP terminal background decrypts the message by using the private key A2;
and S70: the APP terminal encrypts the message by using an APP background public key B1 and transmits the message to the APP background, and the APP background decrypts the message by using a background private key B2 to obtain the transmission content.
Preferably, when the above steps are executed, the data content, address and time of transmission are recorded to form a transmission log.
An electronic device, comprising: a processor;
a memory; and a program, wherein the program is stored in the memory and configured to be executed by the processor, the program comprising instructions for performing a method of preventing interception of an APP based on verifying a signed certificate.
A computer-readable storage medium having stored thereon a computer program for executing by a processor a method for preventing interception of APPs based on verifying signed certificates.
Please specifically refer to fig. 2, which is a schematic diagram of fetching an APP packet by using burpesite, and fig. 3, which is a schematic diagram of modifying body content and synchronously modifying corresponding sign signature information; please specifically refer to fig. 4, which is a schematic diagram of signature verification through the background of the APP and successful transmission of a message, and as can be seen from fig. 2-4, in the prior art, although the signature verification is performed on the APP from the APP transmission data to the background of the APP, the signature certificate of the APP is not verified, and after a packet is captured by using a penetration tool and a tampered message exists, sign information is synchronously modified, so that the signature verification through the background of the APP can be performed; after the data packet is captured, even phishing codes, virus codes and malicious codes can be added, so that sensitive information of a user is leaked or attacked maliciously, and the security is low.
Please specifically refer to fig. 5, which is a schematic diagram illustrating a transmission process between an APP terminal and a background under a general condition; please refer to fig. 6, which is a schematic diagram of a transmission process when there is an eavesdropper; please specifically refer to fig. 7-8, which are schematic transmission diagrams after the method of the present application is applied.
Specifically, referring to fig. 9, the specific operation details are as follows:
1. cer certificate is added by APP:
cer certificates are placed under Assets directories (Assets directories are native resource files that android places exclusively).
2. Front end add code (example is pseudo code):
Figure BDA0003796052770000071
Figure BDA0003796052770000081
android front-end references SSL factory functions:
Figure BDA0003796052770000082
Figure BDA0003796052770000091
3. use 360 consolidations treasures of software to encrypt the issue to App, prevent decompilation, the illegal person takes the certificate:
360 reinforcement is abbreviated as:
the reinforcement protection provides professional safety protection for the mobile application, can prevent the application from being reversely analyzed, decompiled and packaged for the second time, prevents malicious codes such as various viruses and advertisements from being embedded, and protects data safety and benefits of developers from the source.
360 reinforcement principle:
the reinforcement is to encrypt the source Apk and then to put it on a shell. The method comprises the steps of encrypting a source Apk by using an encryption algorithm, merging shell Apk to obtain a new Dex file, and finally replacing the Dex file in a shell program to obtain the new Apk, wherein the new Apk is not an integral Apk program, and the method mainly works to decrypt the source Apk and then load the Apk to enable the Apk to normally operate.
Specifically, the 360 reinforcement steps are as follows:
1. and downloading 360 the reinforcement package, clicking to add the application after logging in, and selecting the current APP.
2. Click "configure immediately" in the pop-up box.
3. And configuring the signature used by the APK, filling the content for starting the automatic signature, and clicking to add.
4. After clicking addition, the keystore path and the like have corresponding information.
5. And (5) uploading the software by the 360 reinforcement treasures for application reinforcement.
6. And (5) finishing reinforcement.
In summary, the following steps: the existing function is only one-way authentication, and if an Xpos frame and a just trustme plug-in are used, the corresponding data packet can be still captured, even the certificate of the front end is obtained. If bidirectional authentication, risk early warning, wind control and the like are achieved, namely the server and the front end have own certificates, the respective certificates need to be verified before data transmission, even if an illegal person obtains the certificate of the front end, the certificate of the server cannot be obtained, risk early warning is set, and a suspicious user is added into a blacklist or other wind control, so that the safety can be improved.
Referring to fig. 9, in the step of implementing S10-S40, after the APP terminal sends an https request to the APP background, the APP background checks whether the APP terminal holds an assigned certificate, if so, detects whether the certificate is valid, if so, verifies password information, if so, detects whether the data certificate is consistent with the assigned certificate, if so, the certificate uses a TLS protocol and returns to a Socket factory, and the APP terminal and the APP background perform data transmission through the Socket. Preferably, when the steps S10 to S40 are performed, if the certificate is invalid, the verification password information is abnormal, and the data certificate is not consistent with the specified certificate, the abnormality is thrown.
The above embodiments are only preferred embodiments of the present invention, and the protection scope of the present invention is not limited thereby, and any insubstantial changes and substitutions made by those skilled in the art based on the present invention are within the protection scope of the present invention.

Claims (11)

1. A method for preventing APP interception based on verification of a signature certificate is characterized by comprising the following steps:
and S10: the APP terminal comprises a terminal public key A1, a terminal private key A2 and a certificate, wherein the certificate is stored in a native resource directory and a background public key B is recorded; a background public key B1 and a background private key B2 are arranged in the background; the APP terminal establishes contact with the APP background and sends a request;
and S20: the APP terminal establishes a connection with the APP background through three-way handshake and sends a request to the APP background;
and S30: the APP background returns a background public key B1 to the APP terminal;
and S40: the APP terminal uses the private key A2 to unlock the certificate, takes out the recorded background public key B, compares the background public key B with the background public key B1 sent by the background, detects whether the background public key B is consistent or not, if yes, executes the next step, and if not, throws out the abnormity;
and S50: the APP terminal encrypts an APP terminal public key A1 and transmission content by using an APP background public key B1 and transmits the encrypted APP terminal public key A1 and the transmission content to the APP background in a message form, wherein the message comprises token, the transmission content, the APP terminal public key A1 and signature content;
and S60: the APP background decrypts the message by using the private key B2 to obtain an APP terminal public key A1, the message is encrypted to the APP terminal by using the APP terminal public key A1, and the message is decrypted by using the private key A2 by using the APP terminal background;
and S70: the APP terminal encrypts the message by using an APP background public key B1 and transmits the message to the APP background, and the APP background decrypts the message by using a background private key B2 to obtain the transmission content.
2. The method for preventing APP interception based on verifying a signed certificate as in claim 1, wherein: when the steps S10-S60 are implemented, if the problems of network interruption, token failure or message tampering occur, the certificate validity is verified again.
3. The method for preventing APP interception based on verifying a signed certificate as claimed in claim 2, wherein: when the steps of S10 to S60 are implemented, when the certificate validity is re-verified, it is determined whether the certificate is valid by verifying information such as a password, and if the certificate is not verified, an exception is thrown.
4. The method for preventing APP interception based on verifying a signed certificate as claimed in claim 2, wherein: when the steps of S10-S60 are implemented, whether the data certificate is consistent with the formulated certificate is judged when the certificate validity is re-verified, otherwise, the exception is thrown.
5. The method for preventing APP interception based on verifying a signed certificate as claimed in claim 1, wherein: when the steps of S10-S60 are implemented, after the APP terminal sends an https request to the APP background, the APP background checks whether the APP terminal has a specified certificate, if so, whether the detected certificate is valid, if so, password information is verified, if so, whether the detected data certificate is consistent with the specified certificate, if so, the certificate uses a TLS protocol and returns to a Socket factory, and the APP terminal and the APP background perform data transmission through the Socket.
6. The method for preventing APP interception based on verifying a signed certificate as in claim 1, wherein: in the step S20, the APP terminal sends an https request to the APP background, and the APP background records information, and records time, content, and address of the request.
7. The method of claim 5 for preventing APP interception based on verifying a signed certificate, wherein: in step S40, when "the APP terminal decrypts the certificate with the private key A2, takes out the recorded background public key B, and compares it with the background public key B1 sent by the background", if the two are not consistent, the address corresponding to the abnormal request is recorded.
8. The method of claim 6 for preventing APP interception based on verifying a signed certificate, wherein: in the step S40, the APP background returns the public key to the APP terminal, verifies whether the public key passes, and lists the request address as a blacklist if the number of times of non-passing verification exceeds 3 times.
9. The method for preventing APP interception based on verifying a signed certificate as claimed in claim 7, wherein: in the step S40, the APP background returns the public key to the APP terminal, verifies whether the public key passes, and if the public key does not pass, lists the request as a tampered request.
10. An electronic device, characterized by comprising: a processor;
a memory; and a program, wherein the program is stored in the memory and configured to be executed by the processor, the program comprising instructions for carrying out the method of any one of claims 1-8.
11. A computer-readable storage medium having stored thereon a computer program, characterized in that: the computer program is executed by a processor for performing the method according to any of claims 1-8.
CN202210969218.2A 2022-08-12 2022-08-12 Method for preventing APP eavesdropping based on verification signature certificate, electronic device and storage medium Pending CN115348078A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202210969218.2A CN115348078A (en) 2022-08-12 2022-08-12 Method for preventing APP eavesdropping based on verification signature certificate, electronic device and storage medium

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202210969218.2A CN115348078A (en) 2022-08-12 2022-08-12 Method for preventing APP eavesdropping based on verification signature certificate, electronic device and storage medium

Publications (1)

Publication Number Publication Date
CN115348078A true CN115348078A (en) 2022-11-15

Family

ID=83952103

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202210969218.2A Pending CN115348078A (en) 2022-08-12 2022-08-12 Method for preventing APP eavesdropping based on verification signature certificate, electronic device and storage medium

Country Status (1)

Country Link
CN (1) CN115348078A (en)

Similar Documents

Publication Publication Date Title
US11818274B1 (en) Systems and methods for trusted path secure communication
US8037295B2 (en) Hardware-bonded credential manager method and system
EP2887576B1 (en) Software key updating method and device
US20090055642A1 (en) Method, system and computer program for protecting user credentials against security attacks
CN109510802B (en) Authentication method, device and system
CN110198297B (en) Flow data monitoring method and device, electronic equipment and computer readable medium
CN113225352B (en) Data transmission method and device, electronic equipment and storage medium
US20130103944A1 (en) Hypertext Link Verification In Encrypted E-Mail For Mobile Devices
CN114244522B (en) Information protection method, device, electronic equipment and computer readable storage medium
CN115396121A (en) Security authentication method for security chip OTA data packet and security chip device
CN113904767A (en) System for establishing communication based on SSL
CA2793422C (en) Hypertext link verification in encrypted e-mail for mobile devices
JP4409497B2 (en) How to send confidential information
CN108737087B (en) Protection method for mailbox account password and computer readable storage medium
CN111651740B (en) Trusted platform sharing system for distributed intelligent embedded system
CN115348078A (en) Method for preventing APP eavesdropping based on verification signature certificate, electronic device and storage medium
CN115146284A (en) Data processing method and device, electronic equipment and storage medium
CN107209751B (en) Service processing method and device
CN113946799B (en) Application program source code protection method and server
CN113434865A (en) Security detection method, device, equipment and storage medium for mobile terminal
EP1944942A1 (en) Method for checking the running configuration of a network equipment and network equipment
CN116744298A (en) Identity recognition method, identification system and related equipment of card equipment of Internet of things
CN115914294A (en) Vehicle system upgrading method, device and equipment
CN117478422A (en) Interface data acquisition method and system based on password-free login in decoupling state
CN117134907A (en) Security control method and device, storage medium and electronic device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination