CN116910711B - MCU firmware confusion method, system, server and storage medium
- Publication number
- CN116910711B (CN202310861605.9A)
- Authority
- CN
- China
- Prior art keywords
- offset
- mcu
- storage
- bin file
- element array
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
- G06F21/12—Protecting executable software
- G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F2221/00—Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/21—Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F2221/2107—File encryption
-
- Y—GENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
- Y02—TECHNOLOGIES OR APPLICATIONS FOR MITIGATION OR ADAPTATION AGAINST CLIMATE CHANGE
- Y02D—CLIMATE CHANGE MITIGATION TECHNOLOGIES IN INFORMATION AND COMMUNICATION TECHNOLOGIES [ICT], I.E. INFORMATION AND COMMUNICATION TECHNOLOGIES AIMING AT THE REDUCTION OF THEIR OWN ENERGY USE
- Y02D10/00—Energy efficient computing, e.g. low power processors, power management or thermal management
Abstract
The invention relates to an MCU firmware obfuscation method, system, server and storage medium. The method comprises: after receiving a download request, obtaining the storage capacity of the original bin file of the target version; determining the number of offset elements according to the storage capacity; generating an offset element array based on a preset generation rule, wherein the array contains exactly that number of offset elements and no offset element exceeds a critical value; determining, based on an address comparison table, the storage addresses of the original bin file in the MCU according to the offset elements in the offset element array, to obtain a random address table, wherein the address comparison table contains the correspondence between all storage addresses of the MCU and the offset elements; and storing the original bin file at the corresponding storage addresses and filling the remaining storage addresses with invalid bytes to obtain the encrypted bin file. The invention has the effect of improving the security of MCU firmware.
Description
Technical Field
The application relates to the technical field of MCUs (microcontroller units), and in particular to an MCU firmware obfuscation method, system, server and storage medium.
Background
Generally, most electronic products are configured with an MCU, and software programs developed by technicians are stored in the MCU, so as to facilitate implementation of various functions of the electronic products.
After a technician completes the development of the software program, the server generates a plurality of versions of bin files so as to adapt to MCUs of various models. Each manufacturer is provided with a terminal device, and an operator can access the server through the terminal device after knowing the MCU model produced by the manufacturer, and downloads the bin file of the corresponding version from the server.
Because the operator knows the MCU model and can also obtain the bin file of the corresponding version, the operator can very easily reverse-engineer the source code from the MCU model and that bin file. This can easily lead to leakage of the software source code.
Disclosure of Invention
The application aims to provide an MCU firmware obfuscation method which has the characteristic of improving the security of MCU firmware.
The first object of the present application is achieved by the following technical solutions:
An MCU firmware obfuscation method, comprising:
after receiving a download request, obtaining the storage capacity of the original bin file of the target version;
determining the number of offset elements according to the storage capacity;
generating an offset element array based on a preset generation rule, wherein the array contains exactly that number of offset elements and no offset element exceeds a critical value;
determining, based on an address comparison table, the storage addresses of the original bin file in the MCU according to the offset elements in the offset element array, to obtain a random address table, wherein the address comparison table contains the correspondence between all storage addresses of the MCU and the offset elements;
and storing the original bin file at the corresponding storage addresses and filling the remaining storage addresses with invalid bytes to obtain the encrypted bin file.
With this technical solution, after a download request is received, the number of storage addresses needed to store the original bin file can be determined from the storage capacity of the original bin file of the target version and the 32-bit storage space of each storage address. The same number of offset elements is generated, none of them exceeding the critical value, and the storage address corresponding to each offset element is the expanded storage address. The original bin file is stored at these storage addresses and the remaining storage addresses are filled with invalid bytes, so the resulting encrypted bin file is more secure: an operator who obtains the encrypted bin file cannot identify the original bin file in it, which protects the MCU firmware.
The present application may be further configured in a preferred example as follows: generating the offset element array based on the preset generation rule comprises:
within the range from 1 to the critical value, generating random offset elements, as many as the offset element number, to form the offset element array.
With this technical solution, the offset elements are generated randomly and are therefore uncertain, which makes the file hard for an operator to crack and improves the security of the bin file.
The present application may be further configured in a preferred example to: if the source addresses of the download requests received at different times are the same, two different encrypted bin files are obtained.
By adopting the technical scheme, the same downloading request is received at different times, and the generated encrypted bin files are different, so that the security of the original bin files can be improved.
The present application may be further configured in a preferred example to: the determining the number of offset elements according to the storage capacity includes:
Offset element number = storage capacity/4B.
By adopting the technical scheme, how many 32-bit storage addresses are needed for storing the original bin file is determined.
The present application may be further configured in a preferred example to: the calculation mode of the critical value is as follows: critical value = acquired MCU storage capacity/4B.
By adopting the technical scheme, the number of 32-bit storage addresses is determined.
The present application may be further configured in a preferred example to: when the encrypted bin file is obtained, a unique identifier is allocated;
and encrypting the unique identification and the random address table and then sending the encrypted unique identification and the random address table.
With this technical solution, it is convenient for the terminal device that sent the download request to identify the original bin file within the encrypted bin file.
The application also provides an MCU firmware obfuscation system, which has the characteristic of improving the security of MCU firmware.
The second object of the present application is achieved by the following technical solutions:
An MCU firmware obfuscation system, comprising:
an acquisition module, configured to obtain the storage capacity of the original bin file of the target version after receiving a download request;
a first determining module, configured to determine the number of offset elements according to the storage capacity;
an array generation module, configured to generate an offset element array based on a preset generation rule, wherein the array contains exactly that number of offset elements and no offset element exceeds a critical value;
a second determining module, configured to determine, based on an address comparison table, the storage addresses of the original bin file in the MCU according to the offset elements in the offset element array, to obtain a random address table, wherein the address comparison table contains the correspondence between all storage addresses of the MCU and the offset elements; and
a file generation module, configured to store the original bin file at the corresponding storage addresses and fill the remaining storage addresses with invalid bytes to obtain the encrypted bin file.
The third purpose of the application is to provide a server which has the characteristic of improving the safety of MCU firmware.
The third object of the present application is achieved by the following technical solutions:
a server comprising a memory and a processor, said memory having stored thereon a computer program capable of being loaded by the processor and executing the above described MCU firmware obfuscation method.
The fourth object of the present application is to provide a computer storage medium capable of storing a corresponding program, which has the characteristic of being convenient for improving the safety of the MCU firmware.
The fourth object of the present application is achieved by the following technical solutions:
A computer-readable storage medium storing a computer program capable of being loaded by a processor and executing any one of the above-described MCU firmware obfuscation methods.
In summary, the present application includes at least one of the following beneficial technical effects:
In the application, after a download request is received, the number of storage addresses needed to store the original bin file can be determined from the storage capacity of the original bin file of the target version and the 32-bit storage space of each storage address. The same number of offset elements is generated, none of them exceeding the critical value, and the storage address corresponding to each offset element is the expanded storage address. The original bin file is stored at these storage addresses and the remaining storage addresses are filled with invalid bytes, so the resulting encrypted bin file is more secure: an operator who obtains the encrypted bin file cannot identify the original bin file in it, which protects the MCU firmware.
Drawings
Fig. 1 is a flowchart of an MCU firmware obfuscation method according to an embodiment of the present application.
Fig. 2 is a system schematic diagram of an MCU firmware obfuscation system according to an embodiment of the present application.
Fig. 3 is a schematic structural diagram of a server according to an embodiment of the present application.
In the figures: 21, acquisition module; 22, first determination module; 23, array generation module; 24, second determination module; 25, file generation module; 301, CPU; 302, ROM; 303, RAM; 304, bus; 305, I/O interface; 306, input section; 307, output section; 308, storage section; 309, communication section; 310, driver; 311, removable medium.
Detailed Description
The present application will be described in further detail with reference to the accompanying drawings.
The present embodiment only explains the present application and is not to be construed as limiting it. After reading this specification, those skilled in the art may, as required, make modifications to the present embodiment that involve no inventive contribution, and all such modifications are protected by patent law within the scope of the claims of the present application.
For the purpose of making the objects, technical solutions and advantages of the embodiments of the present application more apparent, the technical solutions of the embodiments of the present application will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present application, and it is apparent that the described embodiments are some embodiments of the present application, but not all embodiments of the present application. All other embodiments, which can be made by those skilled in the art based on the embodiments of the application without making any inventive effort, are intended to be within the scope of the application.
In addition, the term "and/or" herein merely describes an association between associated objects and means that three relationships may exist. For example, "A and/or B" may mean: A exists alone, A and B exist together, or B exists alone. In this context, unless otherwise specified, the character "/" generally indicates that the associated objects are in an "or" relationship.
The embodiment of the application provides an MCU firmware obfuscation method which is applied to a server that issues bin files. In the application, a bin file is the firmware burned into MCUs of various models. The MCU firmware obfuscation method provided by the application is mainly used for encrypting the bin file between the bin file and the terminal device, and can improve the security of the MCU firmware to a certain extent. It can be appreciated that the server also adapts the bin file to different MCU models before encrypting it. To distinguish the two: the bin file is the initial version developed and completed by a technician, and the original bin file is obtained by adjusting the initial-version bin file. The original bin file has a plurality of versions, each adapted to an MCU of one model.
Embodiments of the application are described in further detail below with reference to the drawings.
The main flow of the MCU firmware obfuscation method provided by the embodiment of the application is described as follows.
As shown in fig. 1:
Step S101: after receiving the download request, obtain the storage capacity of the original bin file of the target version.
When a factory needs the original bin file to complete the firmware burning of the MCU, an operator needs to access the server through a dedicated terminal device configured by the factory. The terminal device may send a download request while accessing the server. The download request contains the MCU model produced by the manufacturer. According to the MCU model obtained from the download request, the server can select, from the original bin files of the plurality of versions, the one that matches the MCU model, namely the original bin file of the target version. After the original bin file is determined, its storage capacity can be obtained. The storage capacity is the space occupied by the original bin file. It should be noted that the storage capacity of the original bin file is typically less than 70% of the MCU storage area size. In the present application, the MCU is a 32-bit MCU, and its storage area size is 256KB.
Step S102: determine the number of offset elements according to the storage capacity.
The storage area of the MCU is composed of a plurality of storage addresses, and the storage space of each storage address is 32 bits, namely 4B. Therefore, it is first necessary to know how many storage addresses the original bin file occupies when stored in the MCU's storage area. The number of storage addresses for storing the original bin file is referred to as the offset element number in the present application. It is calculated as: number of offset elements = storage capacity of the original bin file / 4B.
Step S103: generate an offset element array based on a preset generation rule.
The offset element array contains exactly the number of offset elements determined above, and no offset element exceeds a critical value.
As described above, the storage capacity of the original bin file is typically less than 70% of the size of the MCU storage area, so when the original bin file is stored in the MCU storage area, the storage space at many storage addresses in that area is blank. The application encrypts the original bin file by expanding it to 256KB. In this step, therefore, the offset elements in the offset element array determine the storage addresses at which the original bin file is stored in the MCU storage area. That is, each offset element in the offset element array represents one storage address of the MCU storage area, and the number of offset elements in the array is naturally the offset element number. The critical value is the total number of storage addresses of the MCU storage area, namely the last storage address in the MCU storage area that can store the original bin file. It is calculated as: critical value = acquired MCU storage capacity / 4B = 256KB / 4B = 64K.
To prevent an operator who has obtained the MCU model and the encrypted bin file from recovering the original bin file by reverse engineering, the offset elements in the offset element array must not follow any rule when the array is generated. For this purpose, in the present application, the offset element array is formed by generating random offset elements, as many as the offset element number, within the range from 1 to the critical value. In some specific embodiments, they may be generated with a random function or with the snowflake algorithm.
Step S104: based on the address comparison table, determine the storage addresses of the original bin file in the MCU according to the offset elements in the offset element array, to obtain a random address table.
The address comparison table contains the correspondence between all storage addresses of the MCU storage area and the offset elements. The value range of the offset elements is 1 to the critical value, and each offset element corresponds to one storage address. For example, an offset element of value 1 corresponds to the storage address numbered 1, an offset element of value 2 corresponds to the storage address numbered 2, and so on. Once the offset element array is determined, the random address table can be determined from the address comparison table and the offset elements in the array. The random address table includes all the storage addresses used for storing the original bin file.
Step S105: store the original bin file at the corresponding storage addresses and fill the remaining storage addresses with invalid bytes to obtain the encrypted bin file.
It will be appreciated that after obtaining the encrypted bin file, the server also assigns it a unique identifier. When the server receives the download request and authentication passes, the server sends the address information matching the unique identifier, together with the encrypted random address table, to the dedicated terminal device. The program configured on the dedicated terminal device can decrypt the encrypted bin file according to the random address table to obtain the original bin file, and then carry out the firmware burning step. In this process, an operator can only obtain the encrypted bin file, not the random address table, and therefore cannot reverse the process to obtain the original bin file. This improves the security of the MCU firmware to some extent.
It should be noted that each time the server receives a download request, it regenerates the offset element array, so as to increase the security of the MCU firmware. In some specific examples, an operator at a factory may send download requests to the server via a terminal device at different times of the day. In that case, the server detects the source address when receiving each download request, and if the source addresses of download requests received at different times are the same, the server generates two different encrypted bin files.
It should be further noted that, in different embodiments, if the selected MCU is not a 32-bit MCU with a 256KB memory area, the method is also applicable.
The MCU firmware obfuscation method provided by the embodiment of the application further encrypts the original bin file, so that a factory operator who knows the MCU model and has obtained the encrypted bin file cannot restore the original bin file, thereby improving the security of the MCU firmware.
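Steps S102 to S105 and the matching restore on the terminal side, written out as an added Python example (it is not code from the patent, and all function names are hypothetical). It assumes distinct offset elements drawn from the operating system's CSPRNG, random bytes as the invalid filler, a byte-position form of the address comparison table, and that the original length is delivered alongside the random address table.

```python
import secrets

WORD = 4  # each MCU storage address holds 32 bits = 4 B (from the description)


def offset_count(capacity_bytes):
    """Step S102: number of offset elements = storage capacity / 4B.
    Rounding a partial last word up is an assumption of this example."""
    return (capacity_bytes + WORD - 1) // WORD


def critical_value(mcu_capacity_bytes):
    """Critical value = MCU storage capacity / 4B (64K for a 256KB MCU)."""
    return mcu_capacity_bytes // WORD


def generate_offsets(count, critical, rng=None):
    """Step S103: `count` random offset elements in the range 1..critical.
    Assumption: values are distinct, because two firmware words cannot share
    one storage address, and they come from the OS CSPRNG by default."""
    if count > critical:
        raise ValueError("original bin file does not fit in the MCU storage area")
    rng = rng or secrets.SystemRandom()
    return rng.sample(range(1, critical + 1), count)


def address_of(offset_element):
    """Address comparison table: offset element n <-> storage address number n.
    Modelled here as a byte position inside the expanded image (assumption)."""
    return (offset_element - 1) * WORD


def obfuscate(firmware, mcu_capacity_bytes, rng=None):
    """Steps S102-S105. Returns (encrypted bin file, random address table)."""
    count = offset_count(len(firmware))
    critical = critical_value(mcu_capacity_bytes)
    offsets = generate_offsets(count, critical, rng)
    table = [address_of(o) for o in offsets]          # step S104
    # Step S105: start from an image made only of invalid bytes. Random filler
    # (assumption) keeps unused addresses from standing out against firmware.
    image = bytearray(secrets.token_bytes(critical * WORD))
    padded = firmware + bytes(count * WORD - len(firmware))  # pad last word
    for i, addr in enumerate(table):
        image[addr:addr + WORD] = padded[i * WORD:(i + 1) * WORD]
    return bytes(image), table


def restore(image, table, original_len):
    """Terminal side: read the words back in table order and drop the padding.
    `original_len` travelling with the table is an assumption of this example."""
    words = b"".join(image[a:a + WORD] for a in table)
    return words[:original_len]


if __name__ == "__main__":
    # Constructed stand-in for an original bin file (not real firmware).
    fw = bytes(range(256)) * 8 + b"\xAA\xBB\xCC"
    image, table = obfuscate(fw, 256 * 1024)
    print(len(image), len(table), restore(image, table, len(fw)) == fw)
```

The address table is order-sensitive: it lists the addresses in the order of the firmware words, so sorting or deduplicating it before delivery would break the restore.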
Fig. 2 is a schematic diagram of an MCU firmware obfuscation system according to an embodiment of the present application.
The MCU firmware obfuscation system shown in fig. 2 includes an acquisition module 21, a first determination module 22, an array generation module 23, a second determination module 24, a file generation module 25, and an encryption module 26, wherein:
the obtaining module 21 is configured to obtain, after receiving the download request, a storage capacity of the original bin file of the target version.
A first determining module 22, configured to determine the number of offset elements according to the storage capacity, where the number of offset elements=storage capacity/4B.
The array generating module 23 is configured to generate an offset element array based on a preset generating rule, where the number of offset elements included in the offset element array is the number of offset elements, and each offset element does not exceed a critical value, and is configured to generate random offset elements of the number of offset elements within a range from 1 to the critical value, so as to form the offset element array, where the critical value=the acquired MCU storage area capacity/4B.
The second determining module 24 is configured to determine, based on an address comparison table, a storage address of the original bin file in the MCU according to the offset elements in the offset element array, so as to obtain a random address table, where the address comparison table includes a correspondence between all storage addresses of the MCU and the offset elements.
The file generating module 25 is configured to store the original bin file in a plurality of corresponding storage addresses, and the remaining storage addresses supplement invalid bytes to obtain an encrypted bin file, and is configured to assign a unique identifier when the encrypted bin file is obtained.
An encryption module 26 for encrypting and transmitting the unique identification and the random address table.
Fig. 3 shows a schematic diagram of a server suitable for implementing an embodiment of the application.
As shown in fig. 3, the server includes a Central Processing Unit (CPU) 301 that can perform various appropriate actions and processes according to a program stored in a Read Only Memory (ROM) 302 or a program loaded from a storage section into a Random Access Memory (RAM) 303. In the RAM 303, various programs and data required for the system operation are also stored. The CPU 301, ROM 302, and RAM 303 are connected to each other through a bus 304. An input/output (I/O) interface 305 is also connected to bus 304.
The following components are connected to the I/O interface 305: an input section 306 including a keyboard, a mouse, and the like; an output portion 307 including a Cathode Ray Tube (CRT), a Liquid Crystal Display (LCD), and the like, a speaker, and the like; a storage section 308 including a hard disk or the like; and a communication section 309 including a network interface card such as a LAN card, a modem, or the like. The communication section 309 performs communication processing via a network such as the internet. The drive 310 is also connected to the I/O interface 305 as needed. A removable medium 311 such as a magnetic disk, an optical disk, a magneto-optical disk, a semiconductor memory, or the like is installed on the drive 310 as needed, so that a computer program read out therefrom is installed into the storage section 308 as needed.
In particular, the process described above with reference to flowchart fig. 1 may be implemented as a computer software program according to an embodiment of the application. For example, embodiments of the application include a computer program product comprising a computer program embodied on a machine-readable medium, the computer program comprising program code for performing the method shown in the flowcharts. In such an embodiment, the computer program may be downloaded and installed from a network via the communication portion 309, and/or installed from the removable medium 311. The above-described functions defined in the system of the present application are performed when the computer program is executed by a Central Processing Unit (CPU) 301.
The computer readable medium shown in the present application may be a computer readable signal medium or a computer readable storage medium, or any combination of the two. The computer readable storage medium can be, for example, but not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples of the computer-readable storage medium may include, but are not limited to: an electrical connection having one or more wires, a portable computer diskette, a hard disk, a Random Access Memory (RAM), a read-only memory (ROM), an erasable programmable read-only memory (EPROM or flash memory), an optical fiber, a portable compact disc read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing. In the context of this document, a computer readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with an instruction execution system, apparatus, or device. In the present application, however, the computer-readable signal medium may include a data signal propagated in baseband or as part of a carrier wave, with the computer-readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A computer readable signal medium may also be any computer readable medium that is not a computer readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with an instruction execution system, apparatus, or device. Program code embodied on a computer readable medium may be transmitted using any appropriate medium, including but not limited to: wireless, wire, fiber optic cable, RF, etc., or any suitable combination of the foregoing.
The flowcharts and block diagrams in the figures illustrate the architecture, functionality, and operation of possible implementations of systems, methods and computer program products according to various embodiments of the present application. In this regard, each block in the flowchart or block diagrams may represent a module, segment, or portion of code, which comprises one or more executable instructions for implementing the specified logical function(s). It should also be noted that, in some alternative implementations, the functions noted in the block may occur out of the order noted in the figures. For example, two blocks shown in succession may, in fact, be executed substantially concurrently, or the blocks may sometimes be executed in the reverse order, depending upon the functionality involved. It will also be noted that each block of the block diagrams and/or flowchart illustration, and combinations of blocks in the block diagrams and/or flowchart illustration, can be implemented by special purpose hardware-based systems which perform the specified functions or acts, or combinations of special purpose hardware and computer instructions.
The units or modules involved in the embodiments of the present application may be implemented in software or in hardware. The described units or modules may also be provided in a processor, which may be described, for example, as: a processor comprising an acquisition module 21, a first determination module 22, an array generation module 23, a second determination module 24, a file generation module 25 and an encryption module 26. In some cases the names of these units or modules do not limit the units or modules themselves; for example, the acquisition module 21 may also be described as "a module for acquiring the storage capacity of the original bin file of the target version after receiving the download request".
As another aspect, the present application also provides a computer-readable storage medium that may be contained in the server described in the above embodiment; or may exist alone without being assembled into the server. The computer readable storage medium stores one or more programs that when executed by one or more processors perform the MCU firmware obfuscation method described in the present application.
The above description is only illustrative of the preferred embodiments of the present application and of the principles of the technology employed. It will be appreciated by persons skilled in the art that the scope of the application is not limited to the specific combinations of the features described above, but also covers other embodiments which may be formed by any combination of the features described above or their equivalents without departing from the spirit of the application, for example embodiments formed by replacing the above features with technical features of similar function disclosed in (but not limited to) the present application.
Claims (7)
1. An MCU firmware obfuscation method, comprising:
after receiving a download request, acquiring the storage capacity of an original bin file of a target version;
determining the number of offset elements according to the storage capacity;
generating an offset element array based on a preset generation rule, wherein the offset element array contains the determined number of offset elements, each offset element does not exceed a critical value, and the critical value is the total number of storage addresses of an MCU storage area;
determining, based on an address comparison table, the storage addresses of the original bin file in the MCU according to the offset elements in the offset element array, to obtain a random address table, wherein the address comparison table comprises the correspondence between all storage addresses of the MCU and the offset elements;
storing the original bin file at the plurality of corresponding storage addresses, and filling the remaining storage addresses with invalid bytes, to obtain an encrypted bin file;
wherein generating the offset element array based on the preset generation rule comprises:
generating the determined number of random offset elements within the range from 1 to the critical value to form the offset element array;
and wherein determining the number of offset elements according to the storage capacity comprises:
number of offset elements = storage capacity / 4B.
2. The MCU firmware obfuscation method of claim 1, further comprising:
If the source addresses of the download requests received at different times are the same, two different encrypted bin files are obtained.
3. The MCU firmware obfuscation method according to claim 1, wherein the critical value is calculated by: critical value = acquired MCU storage capacity / 4B.
4. The MCU firmware obfuscation method of claim 3, further comprising:
when the encrypted bin file is obtained, allocating a unique identifier;
and encrypting the unique identifier and the random address table and then sending them.
5. An MCU firmware obfuscation system, comprising:
an acquisition module (21) for acquiring the storage capacity of the original bin file of the target version after receiving a download request;
a first determining module (22) for determining the number of offset elements according to the storage capacity, wherein determining the number of offset elements according to the storage capacity comprises: number of offset elements = storage capacity / 4B;
an array generation module (23) for generating an offset element array based on a preset generation rule, wherein the offset element array contains the determined number of offset elements, each offset element does not exceed a critical value, and the critical value is the total number of storage addresses of the MCU storage area; wherein generating the offset element array based on the preset generation rule comprises: generating the determined number of random offset elements within the range from 1 to the critical value to form the offset element array;
a second determining module (24) configured to determine, based on an address comparison table, the storage addresses of the original bin file in the MCU according to the offset elements in the offset element array, so as to obtain a random address table, wherein the address comparison table comprises the correspondence between all storage addresses of the MCU and the offset elements; and
a file generation module (25) for storing the original bin file at the plurality of corresponding storage addresses, and filling the remaining storage addresses with invalid bytes, to obtain the encrypted bin file.
6. A server comprising a memory and a processor, the memory having stored thereon a computer program capable of being loaded by the processor and performing the method according to any of claims 1 to 4.
7. A computer readable storage medium, characterized in that a computer program is stored which can be loaded by a processor and which performs the method according to any of claims 1 to 4.
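The scattering step of claims 1 to 3, together with the device-side reassembly it implies, as an added Python sketch (not code from the patent). The function names, the linear address comparison table, the sampling of distinct offsets, the random filler for "invalid bytes" and the 0xFF padding of a final partial word are all assumptions made here.

```python
import secrets

WORD = 4  # the claims divide capacities by 4B: one offset element per 4-byte word


def address_table(mcu_capacity):
    """Address comparison table: offset element k (1..critical value) -> address."""
    critical = mcu_capacity // WORD  # claim 3: critical value
    # Assumption: a linear layout relative to the start of the MCU storage area.
    return {k: (k - 1) * WORD for k in range(1, critical + 1)}


def obfuscate(firmware, mcu_capacity):
    """Scatter the firmware words over the MCU address space (claim 1)."""
    if mcu_capacity % WORD:
        raise ValueError("MCU capacity must be a multiple of 4 bytes")
    padded = firmware + b"\xff" * (-len(firmware) % WORD)  # assumed padding
    count = len(padded) // WORD  # number of offset elements
    table = address_table(mcu_capacity)
    if count > len(table):
        raise ValueError("firmware larger than MCU storage area")
    # Assumption: offsets are distinct, otherwise two words would share one address.
    offsets = secrets.SystemRandom().sample(range(1, len(table) + 1), count)
    random_addresses = [table[k] for k in offsets]  # the random address table
    # Assumption: "invalid bytes" are random filler rather than a constant.
    image = bytearray(secrets.token_bytes(mcu_capacity))
    for i, addr in enumerate(random_addresses):
        image[addr:addr + WORD] = padded[i * WORD:(i + 1) * WORD]
    return bytes(image), random_addresses, len(firmware)


def restore(image, random_addresses, length):
    """Device side: read the words back in table order and drop the padding."""
    words = b"".join(image[a:a + WORD] for a in random_addresses)
    return words[:length]


def demo():
    firmware = bytes(range(1, 12))  # constructed 11-byte sample, not real firmware
    img_a, tab_a, n = obfuscate(firmware, 64)
    img_b, tab_b, _ = obfuscate(firmware, 64)  # second request, same source
    return firmware, img_a, tab_a, n, img_b, tab_b
```

The image still holds every firmware word unchanged at its new address, so the random address table is the secret in this scheme; claim 4 sends it encrypted.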
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310861605.9A CN116910711B (en) | 2023-07-13 | 2023-07-13 | MCU firmware confusion method, system, server and storage medium |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN202310861605.9A CN116910711B (en) | 2023-07-13 | 2023-07-13 | MCU firmware confusion method, system, server and storage medium |
Publications (2)
Publication Number | Publication Date |
---|---|
CN116910711A (en) | 2023-10-20 |
CN116910711B (en) | 2024-06-11 |
Family
ID=88354306
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN202310861605.9A Active CN116910711B (en) | 2023-07-13 | 2023-07-13 | MCU firmware confusion method, system, server and storage medium |
Country Status (1)
Country | Link |
---|---|
CN (1) | CN116910711B (en) |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN108965486A (en) * | 2018-10-08 | 2018-12-07 | 深圳市创维软件有限公司 | A kind of document down loading method, system, server and storage medium |
CN109889333A (en) * | 2019-01-24 | 2019-06-14 | 深圳忆联信息系统有限公司 | Firmware data encryption method, device, computer equipment and storage medium |
CN111931204A (en) * | 2020-07-15 | 2020-11-13 | 宁波富万信息科技有限公司 | Encryption and de-duplication storage method and terminal equipment for distributed system |
CN115238249A (en) * | 2022-08-10 | 2022-10-25 | 中国工商银行股份有限公司 | Application code obfuscation method, apparatus, device and medium |
CN115348083A (en) * | 2022-08-15 | 2022-11-15 | 湖南国科微电子股份有限公司 | Firmware encryption and decryption method and device, computer equipment and readable storage medium |
Family Cites Families (1)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US11604740B2 (en) * | 2020-12-01 | 2023-03-14 | Capital One Services, Llc | Obfuscating cryptographic material in memory |
Also Published As
Publication number | Publication date |
---|---|
CN116910711A (en) | 2023-10-20 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US6711619B1 (en) | Method, system, and apparatus for distributing and using computer-based applications over a network | |
CN106843978B (en) | SDK access method and system | |
US10116746B2 (en) | Data storage method and network interface card | |
CN109710695B (en) | Transaction request validity identification and initiation method, device, equipment and medium | |
CN111324441A (en) | Operating environment switching method and device, computer equipment and storage medium | |
CN104036194A (en) | Vulnerability detection method and device for revealing private data in application program | |
CN111400760B (en) | Method, device, server and storage medium for web application to access database | |
CN111629063A (en) | Block chain based distributed file downloading method and electronic equipment | |
CN108399046B (en) | File operation request processing method and device | |
CN109635558B (en) | Access control method, device and system | |
US10691424B2 (en) | Method for programming and terminal device | |
US20220188467A1 (en) | Cloud server and method for controlling cloud server thereof | |
CN114239026A (en) | Information desensitization conversion processing method, device, computer equipment and storage medium | |
CN116910711B (en) | MCU firmware confusion method, system, server and storage medium | |
CN110020040B (en) | Method, device and system for querying data | |
CN112925796A (en) | Write consistency control method, device, equipment and storage medium | |
CN117640271A (en) | Data broadcasting device and system | |
CN112016336B (en) | Method, device, equipment and storage medium for detecting copy card | |
CN104360850A (en) | Method and device for processing service code | |
CN114238404A (en) | Data query method and device, storage medium and equipment | |
CN113672261A (en) | Cloud software updating method, electronic device and storage medium | |
CN111339523A (en) | Authorization method and device of embedded device | |
CN110716963B (en) | Method for providing adaptively configured user data and related equipment | |
CN110430175B (en) | Encryption protocol implanting method, device and equipment based on AC35 platform | |
CN115543361B (en) | File burning method, device, electronic equipment and storage medium |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
PB01 | Publication | ||
SE01 | Entry into force of request for substantive examination | ||
GR01 | Patent grant | ||