CN116561715A - MCU program encryption and decryption method - Google Patents
MCU program encryption and decryption method Download PDFInfo
- Publication number
- CN116561715A CN116561715A CN202310519749.6A CN202310519749A CN116561715A CN 116561715 A CN116561715 A CN 116561715A CN 202310519749 A CN202310519749 A CN 202310519749A CN 116561715 A CN116561715 A CN 116561715A
- Authority
- CN
- China
- Prior art keywords
- operand
- program
- instruction
- program instruction
- mcu
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
- 238000000034 method Methods 0.000 title claims abstract description 23
- 230000001788 irregular Effects 0.000 abstract description 3
- 238000012986 modification Methods 0.000 description 4
- 230000004048 modification Effects 0.000 description 4
- 238000005336 cracking Methods 0.000 description 2
- 238000012300 Sequence Analysis Methods 0.000 description 1
- 238000004364 calculation method Methods 0.000 description 1
- 230000000694 effects Effects 0.000 description 1
- 238000006467 substitution reaction Methods 0.000 description 1
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- Computer Hardware Design (AREA)
- Physics & Mathematics (AREA)
- Computer Security & Cryptography (AREA)
- General Engineering & Computer Science (AREA)
- General Physics & Mathematics (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Mathematical Physics (AREA)
- Storage Device Security (AREA)
Abstract
The divisional application relates to the technical field of MCU program encryption, in particular to an MCU program encryption and decryption method, which specifically comprises the following steps: when the MCU program is written by utilizing software, encrypting a program instruction at a compiler end, generating an encrypted program instruction after carrying out logic operation on an instruction address corresponding to the program instruction, and carrying out hardware decryption on the encrypted program instruction in a chip through a built-in corresponding decryption logic circuit; the invention realizes the encryption and decryption of the MCU program by means of software encryption hardware based on the unique correlation of the program address and the program instruction, the encrypted program instruction is irregular and circulated, the instruction read out in the chip burning and using process can not be decompiled or cracked and transplanted, and the ROM module of the direct needle-inserting chip can not be cracked because the MCU program is an encrypted binary machine code in the ROM.
Description
The application is a divisional application of application number 201911325274.7, application date 2019, 12 months and 20 days, and the invention name of "an MCU program encryption and decryption method".
Technical Field
The invention relates to the technical field of MCU program encryption, in particular to an MCU program encryption and decryption method.
Background
The conventional RISC reduced instruction set is simple and easy to use, the compiled binary machine code is relatively easy to understand, and the problem is that the binary machine code is easy to decompil into an assembly instruction, and then a program to be cracked is even transplanted to a similar substitution chip. For the MCU scheme designer, the developed MCU program, i.e. the intellectual property, needs to be protected, the existing MCU development, encryption, burning and decryption flows are shown in fig. 1, and it can be seen from fig. 1 that although the designer can do encryption protection at the chip end, the program cannot be read out in general, if the burning document is matched with the burner, the source program can still be decoded through grabbing burning time sequence analysis during burning, the developed program cannot be protected to the greatest extent, and the risk of leakage of the intellectual property is still present for the MCU scheme designer. Therefore, a simple and effective encryption method is needed to solve the problem that the MCU program is easy to crack.
Disclosure of Invention
Aiming at the problems in the prior art, the invention provides an MCU program encryption and decryption method.
In order to achieve the technical purpose, the technical scheme of the invention is as follows:
when the MCU program is written by using software, the program instruction is encrypted at a compiler end, the encrypted program instruction is generated after the logic operation is carried out on the instruction address corresponding to the program instruction, and the encrypted program instruction is decrypted in hardware in an MCU chip through a built-in corresponding decryption combination logic circuit.
Preferably, the method for performing logic operation on the address corresponding to the program instruction by the program instruction is as follows: the program instruction with even addresses is recorded as an operand A, an operand B is obtained after the high and low bytes of the operand A are exchanged, the instruction address corresponding to the program instruction is an operand C, the operand D is a constant, the operand B and the operand C are subjected to exclusive OR operation, and then the operand B and the operand C are subjected to exclusive OR operation with the operand D, so that an encrypted program instruction is generated; the program instruction with odd addresses is marked as an operand A ', the instruction address corresponding to the program instruction is an operation instruction C', an operand D 'is a constant, and the operand A' and the operand C 'are subjected to exclusive OR operation and then are subjected to exclusive OR operation with the operand D', so that the encrypted program instruction is generated.
As a modification, operand D and operand D' are the same value.
As a modification, operand D and operand D' are different values.
Preferably, the method for performing logic operation on the address corresponding to the original program instruction by the program instruction is as follows: dividing program instructions into a group every 4 according to instruction address lines; the program instruction with even addresses in each group is recorded as an operand A, the instruction address corresponding to the program instruction is an operand C, an operand D is a constant, and an operation result E is obtained after the operand A, the operand C and the operand D are subjected to A+A-C-D operation; the program instruction with odd addresses in each group is recorded as an operand A ', an operand B' is obtained after the high and low bytes of the operand A 'are exchanged, the instruction address corresponding to the program instruction is an operand C', an operand D 'is a constant, and an operand A', an operand B ', an operand C' and an operand D 'are operated by A' +B '-C' -D 'to obtain an operation result E'; and generating an encrypted program instruction after the operation result E or the operation result E 'positioned at the first two address bits in each group is shifted one bit to the right, and generating the encrypted program instruction after the operation result E or the operation result E' positioned at the second two address bits is shifted one bit to the left.
As a modification, operand D and operand D' are the same value.
As a modification, operand D and operand D' are different values.
From the above description, it can be seen that the present invention has the following advantages:
the invention realizes the encryption and decryption of the MCU program by means of software encryption and hardware decryption based on the unique correlation of the program address and the program instruction, the encrypted program instruction is irregularly circulated, the instruction read out in the burning and using processes of the MCU chip cannot be decompiled or cracked and transplanted, and the ROM module of the MCU chip cannot be directly needled and read because the MCU program is an encrypted binary machine code in the ROM.
Drawings
FIG. 1 is a flow of MCU program development, encryption, burning, decryption;
fig. 2 is a flow chart of the development, encryption, burning and decryption of the MCU program in embodiment 1 of the present invention.
Detailed Description
An embodiment of the present invention will be described in detail with reference to fig. 2, but the claims of the present invention are not limited thereto.
When the MCU program is written by using software, the program instruction is encrypted at a compiler end, the encrypted program instruction is generated after the logic operation is carried out on the program instruction and the instruction address corresponding to the program instruction, and the encrypted program instruction is subjected to hardware decryption in an MCU chip through a built-in corresponding decryption combination logic circuit.
According to the encryption and decryption method, encryption and decryption design is carried out on a section of instruction, and two embodiments are designed.
Example 1:
taking a simple instruction MOV A, @0X00, assigning an immediate 0X00 to the accumulator ACC;
the binary code after compiling is 0x0800;
then, 0x0800 is simply operated according to the instruction address, and the operation rule is as follows: the program instruction with even number address is exclusive-or with the instruction address corresponding to the program instruction after the high and low byte exchange, then exclusive-or with the constant 0xABCD, and the program instruction with odd number address is exclusive-or with the instruction address corresponding to the program instruction directly, and then exclusive-or with the constant 0 xABCD.
The result of the same program instruction MOV A at different addresses, @0X00 is shown in Table 1:
TABLE 1
Instructions for | Address of | Calculation result |
MOV A,@0X00 | 0x0000 | 0xABC5 |
MOV A,@0X00 | 0x0001 | 0xA3CC |
MOV A,@0X00 | 0x0002 | 0xABC7 |
MOV A,@0X00 | 0x03FE | 0xA83B |
MOV A,@0X00 | 0x03FF | 0xA032 |
As can be seen from the above table, the operation result is irregular and can be circulated, if the constant of the odd address participating in the exclusive OR operation is modified to 0xDCBA or an addition operation is added again, the operation process is more complex, the cracking difficulty is greatly increased, and when decryption is performed, a part of simple combinational logic circuit is arranged in the MCU, so that the numerical value can be decompiled back to the original instruction 0x0800.
When the MCU program is developed, the assembler instruction is used, the compiled machine code adopts hexadecimal, and when the burner burns the program to the chip, the program code is converted into binary machine code, so that the encrypted program instruction is stored in the ROM by the binary machine code, and when the program is decrypted, the numerical value can be decompiled back to the original instruction by only making a corresponding combinational logic circuit in the MCU according to the encryption rule.
As shown in fig. 1, the process of developing, encrypting, burning and decrypting the MCU program is an example described in this embodiment.
Example 2:
taking a simple instruction MOV A, @0X00, assigning an immediate 0X00 to the accumulator ACC;
the binary code after compiling is 0x0800;
then, 0x0800 is simply operated according to the instruction address, and the operation rule is shown in table 2: (1) Dividing program instructions into a group every 4 according to instruction address lines; (2) The program instruction (operand A) with even address in each group performs addition operation with the program instruction, then subtracts the instruction address (operand C) corresponding to the program instruction, then subtracts a constant 1 (operand D) to obtain an operation result; (3) The program instruction (operand A ') with odd address in each group is added with the program instruction (operand B') after the high and low byte exchange, then the instruction address (operand C ') corresponding to the program instruction is subtracted, then the constant 0001 (operand D') is subtracted, the operation result of the first two address bits in each group in the operation result (4) is shifted one bit to the right to generate the encrypted program instruction, and the operation result of the second two address bits in the operation result is shifted one bit to the left to generate the encrypted program instruction.
TABLE 2
According to the above operation method, the operation result of the same program instruction MOV a at different addresses @0X00 is shown in table 3:
TABLE 3 Table 3
As can be seen from the above table, the operation result is irregular and circulated, and is more complex than the result of embodiment 1, and the decoding difficulty is greater. Similarly, during decryption, a part of simple combinational logic circuit is arranged in the MCU to decompil the value back to the original instruction 0x0800.
When the MCU program is developed, the assembler instruction is used, the compiled machine code adopts hexadecimal, and when the burner burns the program to the chip, the program code is converted into binary machine code, so that the encrypted program instruction is stored in the ROM by the binary machine code, and when the program is decrypted, the numerical value can be decompiled back to the original instruction by only making a corresponding combinational logic circuit in the MCU according to the encryption rule.
In general, the complete MCU program is composed of various different instructions, after the MCU program is encrypted by using the method through a simple algorithm, the compiled instructions are very complex and changeable, the cracking difficulty is greatly increased, the instructions read out in the burning and using processes of the MCU chip cannot be decompiled or cracked and transplanted, and the ROM module of the MCU chip cannot be directly needled and read because the MCU program is also an encrypted binary machine code in the ROM.
The method of the present invention is not limited to the operation rules described in embodiments 1 and 2, and the user can combine the difficulty and cost of circuit design of hardware decryption according to the encryption complexity requirement, and make corresponding algorithm design at the compiler end during program design, so long as the required encryption protection degree can be achieved.
In summary, the invention has the following advantages:
the invention realizes the encryption and decryption of the MCU program by means of software encryption and hardware decryption based on the unique correlation of the program address and the program instruction, the encrypted program instruction is irregularly circulated, the instruction read out in the burning and using processes of the MCU chip cannot be decompiled or cracked and transplanted, and the ROM module of the MCU chip cannot be directly needled and read because the MCU program is an encrypted binary machine code in the ROM.
It is to be understood that the foregoing detailed description of the invention is merely illustrative of the invention and is not limited to the embodiments of the invention. It will be understood by those of ordinary skill in the art that the present invention may be modified or substituted for elements thereof to achieve the same technical effects; as long as the use requirement is met, the invention is within the protection scope of the invention.
Claims (3)
1. An MCU program encryption and decryption method is characterized in that: when the MCU program is written by utilizing software, encrypting a program instruction at a compiler end, generating an encrypted program instruction after carrying out logic operation on an instruction address corresponding to the program instruction, and carrying out hardware decryption on the encrypted program instruction in an MCU chip through a built-in corresponding decryption combination logic circuit;
the method for carrying out logic operation on the program instruction and the address corresponding to the program instruction comprises the following steps:
dividing program instructions into a group every 4 according to instruction address lines;
the program instruction with even addresses in each group is recorded as an operand A, the instruction address corresponding to the program instruction is an operand C, an operand D is a constant, and an operation result E is obtained after the operand A, the operand C and the operand D are subjected to A+A-C-D operation;
the program instruction with odd addresses in each group is recorded as an operand A ', an operand B' is obtained after the high and low bytes of the operand A 'are exchanged, the instruction address corresponding to the program instruction is an operand C', an operand D 'is a constant, and an operand A', an operand B ', an operand C' and an operand D 'are operated by A' +B '-C' -D 'to obtain an operation result E';
and generating an encrypted program instruction after the operation result E or the operation result E 'positioned at the first two address bits in each group is shifted one bit to the right, and generating the encrypted program instruction after the operation result E or the operation result E' positioned at the second two address bits is shifted one bit to the left.
2. The method for encrypting and decrypting the MCU program according to claim 1, wherein: operand D and operand D' are the same value.
3. The method for encrypting and decrypting the MCU program according to claim 1, wherein: operand D and operand D' are different values.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310519749.6A CN116561715A (en) | 2019-12-20 | 2019-12-20 | MCU program encryption and decryption method |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201911325274.7A CN111079098B (en) | 2019-12-20 | 2019-12-20 | MCU program encryption and decryption method |
CN202310519749.6A CN116561715A (en) | 2019-12-20 | 2019-12-20 | MCU program encryption and decryption method |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911325274.7A Division CN111079098B (en) | 2019-12-20 | 2019-12-20 | MCU program encryption and decryption method |
Publications (1)
Publication Number | Publication Date |
---|---|
CN116561715A true CN116561715A (en) | 2023-08-08 |
Family
ID=70316244
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310519749.6A Pending CN116561715A (en) | 2019-12-20 | 2019-12-20 | MCU program encryption and decryption method |
CN201911325274.7A Active CN111079098B (en) | 2019-12-20 | 2019-12-20 | MCU program encryption and decryption method |
Family Applications After (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201911325274.7A Active CN111079098B (en) | 2019-12-20 | 2019-12-20 | MCU program encryption and decryption method |
Country Status (1)
Country | Link |
---|---|
CN (2) | CN116561715A (en) |
Family Cites Families (6)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN100446023C (en) * | 2006-04-26 | 2008-12-24 | 何波 | Method for protecting program information of program actuator |
KR100837270B1 (en) * | 2006-06-07 | 2008-06-11 | 삼성전자주식회사 | Smart card and data security method thereof |
US8402448B2 (en) * | 2008-09-18 | 2013-03-19 | Infineon Technologies Ag | Compiler system and a method of compiling a source code into an encrypted machine language code |
CN105446791B (en) * | 2014-08-26 | 2018-11-20 | 龙芯中科技术有限公司 | Indicate bit emulating method, device and processor |
CN106789006A (en) * | 2016-11-28 | 2017-05-31 | 范睿心 | A kind of decryption method and system |
CN107967414B (en) * | 2017-11-03 | 2023-07-28 | 深圳市航顺芯片技术研发有限公司 | Micro control chip instruction encryption method, decryption method and encryption/decryption system |
-
2019
- 2019-12-20 CN CN202310519749.6A patent/CN116561715A/en active Pending
- 2019-12-20 CN CN201911325274.7A patent/CN111079098B/en active Active
Also Published As
Publication number | Publication date |
---|---|
CN111079098B (en) | 2023-07-14 |
CN111079098A (en) | 2020-04-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9940445B2 (en) | Securing microprocessors against information leakage and physical tampering | |
Chen et al. | A modified chaos-based joint compression and encryption scheme | |
CN1290007C (en) | Realizing of protecting transplantable content for protecting secret security | |
JP4990908B2 (en) | Encryption protection method | |
JP5892887B2 (en) | How to counter side-channel attacks | |
CN108964872B (en) | Encryption method and device based on AES | |
JP4840782B2 (en) | Program conversion device, secure processing device, computer program, and recording medium | |
WO2014095772A9 (en) | Computing device comprising a table network | |
EP3759590B1 (en) | Compiling device and method | |
JP2010140473A (en) | Method and device for instruction level software encryption | |
CN110704854B (en) | Stream type encryption method aiming at text data reserved format | |
Seo et al. | Compact implementations of ARX-based block ciphers on IoT processors | |
Rinne et al. | Performance analysis of contemporary light-weight block ciphers on 8-bit microcontrollers | |
US20110261958A1 (en) | Table splitting for cryptographic processes | |
CN107967414B (en) | Micro control chip instruction encryption method, decryption method and encryption/decryption system | |
CN108959129B (en) | Embedded system confidentiality protection method based on hardware | |
CN111079098B (en) | MCU program encryption and decryption method | |
CN1258148C (en) | Encryption, decryption method using high security level symmetry secret key algorithm and its encipherer | |
KR20080046515A (en) | Encoding and decoding method of contents file | |
JP2007328789A (en) | Cryptographic system for encrypting input data by using address associated with input data, error detection circuit, and operation method of the same | |
CN112231739A (en) | Method and system for encrypting and decrypting burning file based on address remapping | |
JP7079711B2 (en) | Converter, conversion method, converter and obfuscation program | |
CN1133297C (en) | A kind of file encryption processing method | |
CN109951275B (en) | Key generation method and device, computer equipment and storage medium | |
CN113541922B (en) | Side channel attack resisting method and system based on switching network and jump algorithm instruction |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
SE01 | Entry into force of request for substantive examination |