CN1641514A - Apparatus for encrypting protection to a programme using guard bit element code - Google Patents
Apparatus for encrypting protection to a programme using guard bit element code Download PDFInfo
- Publication number
- CN1641514A CN1641514A CN 200410001821 CN200410001821A CN1641514A CN 1641514 A CN1641514 A CN 1641514A CN 200410001821 CN200410001821 CN 200410001821 CN 200410001821 A CN200410001821 A CN 200410001821A CN 1641514 A CN1641514 A CN 1641514A
- Authority
- CN
- China
- Prior art keywords
- program
- protection
- produce
- insertion position
- bit
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
Images
Abstract
This invention brings forward a kind of device of using a protection byte code to protect a program by encrypting. The program has a plural instruction P (P is a plus integer). The device includes a protection byte code producing device, a first protection byte code producing device and a protection byte code inserting device. The protection byte code producing device uses the program plural instruction to produce plural protection byte codes. The plural instructions have plural bytes I (I is a plus integer); the position producing device of the first protection byte code produces plural inserting positions N ( N is a plus integer) of the plural protection byte codes, according to the processor state when executing the program. The inserting device of the protection byte code respectively insert the plural protection byte codes into the plural instructions as the (N - 1) and the N of the program, according to the inserting positions produced by the position producing device of the first protection byte code, to bring a encrypted program.
Description
Technical field
The invention relates to processor information protection technology, refer to a kind of device that one program is carried out encipherment protection with the protection byte code especially.
Background technology
Pay attention to the epoch of the intelligence ownership of property at this; manufacturer is in order to protect the program of its arduous exploitation; the Wise property that data etc. are relevant; can be with these data when off-line (off-line); program is carried out one earlier and is encrypted (encrypting) processing; data after will encrypting again is stored to a non-volatile or other Storage Medias; even other people take non-volatile or other Storage Medias that has this encrypted data; owing to can't know the process and the disposal route of this encryption; also can't correctly go to reduce these data; program reaches the purpose of protection therefrom.
At this kind information protection mode, in; U.S. USP6; 408; in No. 073 patent announcement; use a virtual random number producer (Pseudo Random Generator) and foundation one initial value (seed1/seed2); come read-only memory (Read Only Memory; ROM) data (ROMdata) is encoded with generation enciphered data (Encoded data), yet this kind information protection mode is done the parameter of encryption because of using random number, synchronous random number producer need be arranged in order to decode.The template (pattern) that needs very many random numbers could prevent effectively that other people from reducing these data, program, and virtual random number producer of this meaning work coding and decoding needs quite complicated circuit, and this can increase many costs.If use the virtual random number producer of better simply coding and decoding, though escapable cost is reduced these data, program by other people easily, therefore, the conditional order treatment design of well known processor still has many disappearances and gives improved necessity.
Summary of the invention
The object of the present invention is to provide and a kind ofly one program is carried out the device of encipherment protection, use complicated virtual random number producer to avoid known technology, and reach the purpose of escapable cost with the protection byte code.Simultaneously, because the generation of protection byte code and removal hardware are quite simple and easy,, and promote overall system efficiency with the minimizing encryption time.
According to a characteristic of the present invention; a kind of device that one program is carried out encipherment protection with the protection byte code is proposed; this program has a plurality of instructions, and this device comprises a protection byte code generation device, one first protection bit code position generation device and a protection byte code and inserts device.This protection byte code generation device be according to the instruction of the plural number of this program to produce a plurality of protection byte codes, each instruction has I bit (I is a positive integer).This first protection bit code position generation device during according to this program of execution processor state to produce the insertion position N (N is a positive integer) of each protection byte code.This protection byte code inserts device according to the insertion position N that this first protection bit code position generation device is produced, and respectively each protection byte code is inserted among the N-1 and N bit of the corresponding instruction of this program, to produce an encipheror.
According to another characteristic of the present invention; a kind of device that an encipheror is decrypted is proposed; this encipheror will be protected byte code to be inserted in the original program and encrypt; this encipheror has a plurality of instructions, and this device comprises one second a protection bit code position generation device and a protection byte code removal device.The processor state of this second protection bit code position generation device during according to this program of execution is to produce the insertion position of each protection byte code; This protection byte code removal device is this program of input, and according to each insertion position N that this second protection bit code position generation device is produced, removes with the N bit that this program correspondence is instructed.
According to another characteristic of the present invention; a kind of device that an encipheror is decrypted is proposed; this encipheror is inserted in two groups of protection byte codes in the original program and encrypts; this encipheror has a plurality of instructions; one of them word group can comprise two encrypted instructions, and this device comprises one the 3rd protection bit code position generation device, one the 4th protection bit code position generation device, one the 3rd protection byte code removal device and one the 4th protection byte code removal device.The processor state of the 3rd protection bit code position generation device during according to this program of execution is to produce the 3rd insertion position of each protection byte code; The processor state of the 4th protection bit code position generation device during according to this program of execution is to produce the 4th insertion position of each protection byte code; The 3rd protection byte code removal device is imported the low half-word group of this encipheror, and each the 3rd insertion position N1 that is produced according to the 3rd protection bit code position generation device, so that the 0th of the plural number instruction of this this program is removed to the N1 bit of (K-1) bit; The 4th protection byte code removal device is imported the high half-word group of this encipheror; and each the 4th insertion position N2 that is produced according to the 4th protection bit code position generation device, so that the K of this program plural number instruction is removed to the N2 bit of (2K-1) bit.
Description of drawings
Fig. 1: the present invention carries out encipherment protection device calcspar with the protection byte code to a program.
Fig. 2: the circuit diagram of the present invention's second protection bit code position generation device.
Fig. 3-Fig. 4: the synoptic diagram of the present invention second protection bit code position insertion position that generation device produces.
Fig. 5: the present invention protects the circuit diagram of byte code removal device.
Fig. 6: the present invention carries out another embodiment calcspar of device of encipherment protection to a program with the protection byte code
Embodiment
Fig. 1 shows that the present invention carries out the calcspar of encipherment protection device with the protection byte code to a program, and it comprises a protection byte code generation device 110, one first protection bit code position generation device 120, a protection byte code and inserts device 130, one second protection bit code position generation device 210 and a protection byte code removal device 220.And encrypted program has the instruction of plural number, and each instruction has I bit (I is a positive integer), and the protection byte code has P bit (P positive integer); in the present embodiment, I is 31 bits, and P is 1 bit; be that I+P is 32 bits, but also I is 32 bits, P is 1 bit.
This protection byte code generation device 110 instructs to produce corresponding protection byte code respectively, the indication bit of processor mode when this protection byte code can be parity check bit (Parity bit), error correcting code (Error Correction Code, ECC) or instruction execution according to each of this program.
Processor state when these first protection bit code position generation device, 120 foundations are carried out this program is to produce the insertion position N (N is a positive integer) of each protection byte code.It is the insertion position N that produced according to this first protection bit code position generation device 120 that this protection byte code inserts device 130, respectively each protection byte code is inserted among the N-1 and N bit of the corresponding instruction of this program, to produce an encipheror.
Processor state was to produce the insertion position of this each protection byte code when these second protection bit code position generation device, 210 foundations were carried out this program.This protection byte code removal device 220 inputs one encipheror; this encipheror is the protection byte code is inserted in the original program and is encrypted; and according to this second each insertion position N that protects bit code position generation device 210 to be produced, so that the protection byte code in each instruction of this encipheror is removed.
Processor state was to produce the insertion position when this first protection bit code position generation device 120 and this second protection bit code position generation device 210 were this program of foundation execution, and Fig. 2 is its circuit diagram.Each first and second protection bit code position generation device comprises an access status working storage (Access Status Register, ASR) 310, one program state working storage (Program StatusRegister, PSR) 320, one multiplexer 330 and a plurality of insertion position generation device 340-380.
This access status working storage (ASR) 310 is 1 bit, and its value is 1 o'clock, represents the processor access data segment, and its value is 0 o'clock, represents processor access program section.This program state working storage (PSR) 320 is 3 bits, and when its value was 1xx, the representative processing was thought highly of postpone and entered Auto Power On execution bios program state; When its value is 01x, represent processor to be in operating system core (OSKernel) state; Its value is 001 o'clock, represents processor to be in a special authentication procedure state; Its value is 000 o'clock, represents processor to be in general user's program state.
PPG_Mode signal among Fig. 2 is to be used for selecting the output signal PBP of this multiplexer 330 and the relation between the input signal.This PPG_Mode signal is to be combined by this access status working storage (ASR) 310 and this 320 of program state working storage (PSR), that is PPG_Mode={ASR, PSR[2:0]).When the processor access data segment, the value of this access status working storage (ASR) 310 is 1, and PPG_Mode=1xxx, this multiplexer 330 can select the output signal PBP of generation device 380 outputs in insertion position as this multiplexer 330.And behind processor reset, when entering Auto Power On execution bios program state, the value of this access status working storage (ASR) 310 is 0, the value of this program state working storage (PSR) 320 is 1xx, and this multiplexer 330 can be selected the output signal PBP of generation device 340 outputs in insertion position as this multiplexer 330.
These a plurality of insertion position generation device 340-380 are to produce the insertion position according to its intended function.Wherein, this insertion position generation device 380 can be device, and with the no insertion position of expression, its output signal is 000000b.This insertion position generation device 340 be with a set-point x via modulo operation producing the insertion position, that is, F1 (x)=(x mod 32).This insertion position generation device 350 deducts one second set-point via modulo operation with one first set-point, producing the insertion position, that is, F2 (x)=31-(x mod 32).
This insertion position generation device 360 with one first set-point with after the part address lines value of this processor combines, again via modulo operation, producing the insertion position, that is, F3 (x, a)=[(x+{a[0], a[1], a[2], a[3], a[4]) mod 32].This insertion position generation device 370 is with a set-point x[4:0] be inverted, with the generation insertion position, that is, F4 (x)=and x[0], x[1], x[2] and, x[3], x[4].This insertion position generation device also can be with this access status working storage (ASR) 3 10 with after this program state working storage (PSR) 320 combines, to produce the insertion position, or with this location status working storage with after this program state working storage combines, again via modulo operation, to produce the insertion position.
K1 among Fig. 2, K2, K3 and K4 provide a set-point to these a plurality of insertion position generation device 340-380 respectively, and it can be burned onto a hardware circuit earlier, also can be working storage, and are gone to set by system.So, can produce different protection byte code insertion positions to distinct program and processor state of living in.
When Fig. 3 shows K1=K2=K3=K4=3, this a plurality of insertion positions generation device 340,350 and the 380 different protection byte code insertion positions that produce.Wherein, F1 (x)=(x mod 32)=3, representative is handled and is thought highly of postpone, and when entering Auto Power On execution bios program state, its protection byte code insertion position is a bit 3.F2 (x)=[31-(x mod 32)]=28, when representing processor to be in operating system core (OS Kernel) state, its protection byte code insertion position is a bit 28.F4 (x)=and x[0], x[1], x[2] and, x[3], x[4]={ 11000b}=24, when representing processor to be in general user's program state, its protection byte code insertion position is a bit 24.
When Fig. 4 shows K3=3, this insertion position generation device 360 different protection byte code insertion position that produces.F3(x,a)=(x+{a[0],a[1],a[2],a[3],a[4]})mod?32=(3+{a[0],a[1],a[2],a[3],a[4]})mod?32。When representing processor to be in an authentication procedure, its protection byte code insertion position will present variation as shown in Figure 4, and makes this authentication procedure sign indicating number be difficult to steal or decipher.
The output signal PBP of this multiplexer 330 (P-bit Bit Position) is by being made up of 6 bits, wherein PBP[5] cloth woods value represent PBP[4:0] in whether be protection byte code insertion position.As PBP[5:0]=during 0xxxxxb, expression PBP[4:0] unprotect byte code insertion position.As PBP[5:0]=during 100101b, expression PBP[4:0] be protection byte code insertion position, and should protection byte code insertion position in the position of 00101b=5.Because these a plurality of insertion position generation device 340-370 all can produce protection byte code insertion position; so its output signal can make up with a noble potential; and form the output signal PBP[5:0 of this multiplexer 330]; wherein; this noble potential forms PBP[5] (be PBP[5]=1), with expression PBP[4:0] serve as protection byte code insertion position.And this a plurality of insertion positions generation device 380 has been a device, with the no insertion position of expression, so its output signal is 000000b, and expression PBP[4:0] unprotect byte code insertion position.
Fig. 5 is the circuit diagram of this protection byte code removal device 220, and it mainly comprises multiplexer 510,520 and 530.The encipheror of its input end 540 inputs one 32 bits; this encipheror will be protected byte code to be inserted in the original program and be encrypted; and according to these second a plurality of insertion position PBP[4:0 that protect bit code position generation device 210 to be produced], so that the protection byte code in the plural number instruction of this encipheror is removed.As PBP[5]=0 the time, expression PBP[4:0] unprotect byte code insertion position, so 510 of this multiplexers are directly exported input end 540.As PBP[5]=1 the time; expression PBP[4:0] for protecting the byte code insertion position; this multiplexer 520 is according to this PBP[4:0] signal; and export this protection byte code; this multiplexer 530 is according to this PBP[4:0] signal, output does not have the instruction of this protection byte code, and the instruction that this protection byte code and this do not have this protection byte code is combined into one 32 bit word groups again; and this multiplexer 510 is because of PBP[5]=1, then it is connect output.
In present embodiment, this protection byte code generation device 110, first is protected bit code position generation device 120, is reached and protect byte code insertion device 130 can use hardware to be achieved, and can also use the software processed offline, and produce an encipheror.This protection byte code removal device 220 and this second protection bit code position generation device 210 can combine with a processor core; these protection byte code removal device 220 these encipherors of input; and according to these second a plurality of insertion position N that protect bit code position generation device 210 to be produced, so that the protection byte code in a plurality of instructions of this encipheror is removed.So, but the program after this processor core correct execution should be deciphered, and encrypted program then needn't be worried to be cracked by other people easily, and reaches the purpose of protection.
Fig. 6 is an another embodiment of the present invention; be to two groups of protection byte codes are inserted in the device that the encipheror in the original program is decrypted; this encipheror has the instruction of plural number, and one of them word group can comprise two encrypted instructions, and each encrypted instruction is 16 bits.This device comprises one the 3rd protection bit code position generation device 610, one the 4th protection bit code position generation device 620, one the 3rd protection byte code removal device 630 and one the 4th protection byte code removal device 640.
Processor state when the 3rd protection bit code position generation device the 610 and the 4th is protected bit code position generation device 620 respectively according to this program of execution is to produce the 3rd insertion position PBP1[4:0 of each protection byte code] and the 4th insertion position PBP2[4:0].
The low half-word group (low halfword) of the 3rd protection byte code removal device 630 these encipherors of input; and according to the 3rd each the 3rd insertion position PBP1[4:0 that protects bit code position generation device 630 to be produced], with PBP1[4:0 with plural the 0th to 15 bit that instructs of this program] the bit removal.The high half-word group (high half word) of the 4th protection byte code removal device 640 these encipherors of input; and according to the 4th each the 4th insertion position PBP2[4:0 that protects bit code position generation device to be produced], with PBP2[4:0 with corresponding the 16th to 31 bit that instructs of this program] the bit removal.
As shown in the above description; technology of the present invention only needs easy hardware can reach the function of encrypting and deciphering; need not the picture known technology and use complicated virtual random number producer; and escapable cost; simultaneously, the generation and the removal hardware of protection byte code are quite simple and easy, can't can increase the encryption and decryption processing time as known technology; and the encryption and decryption processing time that need spend far beyond known technology is for few, so its execution usefulness is better far beyond known technology.
It should be noted that above-mentioned many embodiment give an example for convenience of explanation, the interest field that the present invention advocated should be as the criterion so that claim is described certainly, but not only limits to the foregoing description.
Claims (52)
1. one kind is carried out the device of encipherment protection with the protection byte code to a program, and this program has a plurality of instructions, and each instruction has the I bit, and this I is a positive integer, and this device comprises:
One protection byte code generation device, to produce corresponding a plurality of protection byte codes, each protection byte code has P bit according to a plurality of instructions of this program, and this P is a positive integer;
One first protection bit code position generation device, processor state is to produce the insertion position N of each protection byte code during according to this program of execution for it, and this N is a positive integer; And
One protection byte code inserts device, and the insertion position N according to this first protection bit code position generation device is produced inserts each protection byte code among this program corresponding instruction N-1 and the N bit, to produce an encipheror respectively.
2. device as claimed in claim 1 is characterized in that, also comprises:
One second protection bit code position generation device, its during according to this program of execution processor state to produce the insertion position N of each protection byte code; And
One protection byte code removal device is imported this program, and according to this second insertion position N that protects bit code position generation device to be produced, the correspondence of this program is instructed the N bit remove.
3. device as claimed in claim 2 is characterized in that, processor state was to produce the insertion position when wherein this first and second protection bit code position generation device was according to this program of execution, and each first and second protection bit code position generation device comprises:
One location status working storage is in order to indicate this processor access data segment or access program section;
One program state working storage is in order to indicate this processor state of living in;
A plurality of insertion positions generation device, according to its intended function to produce the insertion position; And
One multiplexer, it has a plurality of input ends, being coupled to the output terminal of this a plurality of insertion positions generation device, and according to this location status working storage and this program state working storage, by selecting an insertion position with as output in a plurality of input ends.
4. device as claimed in claim 3 is characterized in that, wherein this a plurality of insertion positions generation device can be device, with the no insertion position of expression.
5. device as claimed in claim 3 is characterized in that, wherein this a plurality of insertion positions generation device can be with a set-point via functional operation to produce the insertion position.
6. device as claimed in claim 3 is characterized in that, wherein this a plurality of insertion positions generation device can deduct one first set-point one second set-point via functional operation, to produce the insertion position.
7. device as claimed in claim 3 is characterized in that, wherein this a plurality of insertion positions generation device can be with one first set-point with after this processor part address value combines, again via functional operation, to produce the insertion position.
8. device as claimed in claim 3 is characterized in that, wherein this a plurality of insertion positions generation device can be with this location status working storage with after this program state working storage combines, to produce the insertion position.
9. device as claimed in claim 3 is characterized in that, wherein this a plurality of insertion positions generation device can be clamored with after this program state working storage combine, again via functional operation, with the generation insertion position this location status is temporary.
10. device as claimed in claim 2 is characterized in that, wherein this protection byte code removal device also can be located and the corresponding N bit that instructs of this program is moved to most significant digit unit according to this second insertion position N that protects bit code position generation device to be produced.
11. device as claimed in claim 2 is characterized in that, this protection byte code removal device insertion position N that also can be produced according to this second protection bit code position generation device wherein, and the N bit of the corresponding instruction of this program is moved to minimum bit place.
12. device as claimed in claim 2 is characterized in that, this protection byte code removal device insertion position N that also can be produced according to this second protection bit code position generation device wherein, and the correspondence instruction of this program is directly exported.
13. device as claimed in claim 3 is characterized in that, wherein I+P=32.
14. device as claimed in claim 3 is characterized in that, wherein I=32.
15. the device that an encipheror is decrypted, this encipheror will be protected byte code to be inserted in the original program and encrypt, this encipheror has the plural number instruction, and this device comprises:
One second protection bit code position generation device, its during according to this program of execution processor state to produce the insertion position of these a plurality of protection byte codes; And
One protection byte code removal device is imported this program, and according to the insertion position N that this second protection bit code position generation device is produced, removes with the N bit that this program correspondence is instructed.
16. device as claimed in claim 15 is characterized in that, processor state was to produce the insertion position when wherein this second protection bit code position generation device was according to this program of execution, and this second protection bit code position generation device comprises:
One location status working storage is in order to indicate this processor access data segment or access program section;
One program state working storage is in order to indicate the residing state of this processor;
A plurality of insertion positions generation device, according to its intended function to produce the insertion position; And
One multiplexer, it has a plurality of input ends, being coupled to the output terminal of this a plurality of insertion positions generation device, and according to this location status working storage and this program state working storage, by selecting an insertion position with as output in a plurality of input ends.
17. device as claimed in claim 16 is characterized in that, wherein this a plurality of insertion positions generation device can be device, with the no insertion position of expression.
18. device as claimed in claim 16 is characterized in that, wherein this a plurality of insertion positions generation device can be with a set-point via functional operation to produce the insertion position.
19. device as claimed in claim 16 is characterized in that, wherein this a plurality of insertion positions generation device can deduct one first set-point one second set-point via functional operation, to produce the insertion position.
20. device as claimed in claim 16 is characterized in that, wherein this a plurality of insertion positions generation device can be with one first set-point with after the part address value of this processor combines, again via functional operation, to produce the insertion position.
21. device as claimed in claim 16 is characterized in that, wherein this a plurality of insertion positions generation device can be with this location status working storage with after this program state working storage combines, to produce the insertion position.
22. device as claimed in claim 16 is characterized in that, wherein this a plurality of insertion positions generation device can be with this location status working storage with after this program state working storage combines, again via functional operation, to produce the insertion position.
23. device as claimed in claim 16 is characterized in that, wherein I+P=32.
24. device as claimed in claim 16 is characterized in that, wherein I=32.
25. the device that an encipheror is decrypted, this encipheror is inserted in two groups of protection byte codes in the original program and encrypts, and this encipheror has the plural number instruction, and one of them word group can comprise two encrypted instructions, and this device comprises:
One the 3rd protection bit code position generation device, its during according to this program of execution processor state to produce the 3rd insertion position of these a plurality of protection byte codes;
One the 4th protection bit code position generation device, its during according to this program of execution processor state to produce the 4th insertion position of these a plurality of protection byte codes; And
One the 3rd protects the byte code removal device, imports the low half-word group of this encipheror, and according to the 3rd the 3rd insertion position N1 that protects bit code position generation device to be produced, with the 0th mat woven of fine bamboo strips N1 bit removal to (K-1) bit with the corresponding instruction of this program; And
One the 4th protection byte code removal device is imported the high half-word group of this encipheror, and the 4th insertion position N2 that is produced according to the 4th protection bit code position generation device, so that the K of the corresponding instruction of this program is removed to the N2 bit of (2K-1) bit.
26. device as claimed in claim 25 is characterized in that, wherein K=16.
27. one kind is carried out the method for encipherment protection with the protection byte code to a program, this program has a plurality of instructions, and each instruction has the I bit, and this I is a positive integer, and this method comprises the following step:
One protection byte code produces step, and to produce corresponding a plurality of protection byte codes, each protection byte code has P bit according to a plurality of instructions of this program, and this P is a positive integer;
One first protection bit code position produces step, and processor state is to produce the insertion position N of each protection byte code during according to this program of execution for it, and this N is a positive integer; And
One protection byte code inserting step produces the insertion position N that step produced according to this first protection bit code position, respectively each protection byte code is inserted among the N-1 and N bit of the corresponding instruction of this program, to produce an encipheror.
28. method as claimed in claim 27 is characterized in that, it also comprises the following step:
One second protection bit code position produces step, its during according to this program of execution processor state to produce the insertion position N of each protection byte code; And
One protection byte code is removed step, imports this program, and produces the insertion position N that step produced according to this second protection bit code position, so that the N bit of the corresponding instruction of this program is removed.
29. method as claimed in claim 28; it is characterized in that; processor state was to produce the insertion position when wherein this first and second protection bit code position produced step according to this program of execution; wherein; one location status flag is in order to indicate this processor access data segment or access program section; one program state flag is in order to indicate the residing state of this processor, and each first and second protection bit code position produces step and also comprises the following step:
A plurality of insertion positions produce steps, according to its intended function to produce the insertion position; And
One multiplex's step according to this location status flag and this program state flag, by the output that a plurality of insertion positions produce steps, selects an insertion position with as output.
30. method as claimed in claim 29 is characterized in that, wherein these a plurality of insertion positions produce step and can be step, with the no insertion position of expression.
31. method as claimed in claim 29 is characterized in that, wherein these a plurality of insertion positions produce steps can be with a set-point via functional operation to produce the insertion position.
32. method as claimed in claim 29 is characterized in that, wherein these a plurality of insertion positions generation steps can deduct one first set-point one second set-point via functional operation, to produce the insertion position.
33. method as claimed in claim 29 is characterized in that, wherein these a plurality of insertion positions produce steps can be with one first set-point with after the part address value of this processor combines, again via functional operation, with the generation insertion position.
34. method as claimed in claim 29 is characterized in that, wherein these a plurality of insertion positions produce steps can be with this location status flag with after this program state flag combines, with the generation insertion position.
35. method as claimed in claim 29 is characterized in that, wherein these a plurality of insertion positions produce steps can be with this location status flag with after this program state flag combines, again via functional operation, with the generation insertion position.
36. method as claimed in claim 28 is characterized in that, wherein this protection byte code is removed step and also can be produced the insertion position N that step produced according to this second protection bit code position, and the N bit of the corresponding instruction of this program is moved to most significant digit unit place.
37. method as claimed in claim 28 is characterized in that, wherein this protection byte code is removed step and also can be produced the insertion position N that step produced according to this second protection bit code position, and the N bit of the corresponding instruction of this program is moved to minimum bit place.
38. method as claimed in claim 28 is characterized in that, wherein this protection byte code is removed step and also can be produced the insertion position N that step produced according to this second protection bit code position, and with directly output of the corresponding instruction of this program.
39. method as claimed in claim 29 is characterized in that, wherein I+P=32.
40. method as claimed in claim 29 is characterized in that, wherein I=32.
41. the method that an encipheror is decrypted, this encipheror will be protected byte code to be inserted in the original program and encrypt, this encipheror has the plural number instruction, and this method comprises the following step:
One second protection bit code position produces step, its during according to this program of execution processor state to produce the insertion position of these a plurality of protection byte codes; And
One protection byte code is removed step, imports this program, and produces the insertion position N that step produced according to this second protection bit code position, so that the N bit of the corresponding instruction of this program is removed.
42. method as claimed in claim 40; it is characterized in that; processor state was to produce the insertion position when wherein this second protection bit code position generation step was this program of foundation execution; wherein; one location status flag is in order to indicate this processor access data segment or access program section; one program state flag is in order to indicate the residing state of this processor, and this second protection bit code position produces step and also comprises the following step:
A plurality of insertion positions produce steps, according to its intended function to produce the insertion position; And
One multiplex's step according to this location status flag and this program state flag, by the output that a plurality of insertion positions produce steps, selects an insertion position with as output.
43. method as claimed in claim 42 is characterized in that, wherein these a plurality of insertion positions produce step and can be step, with the no insertion position of expression.
44. method as claimed in claim 42 is characterized in that, wherein these a plurality of insertion positions produce steps can be with a set-point via functional operation to produce the insertion position.
45. method as claimed in claim 42 is characterized in that, wherein these a plurality of insertion positions generation steps can deduct one first set-point one second set-point via functional operation, to produce the insertion position.
46. method as claimed in claim 42 is characterized in that, wherein, these a plurality of insertion positions produce steps can be with one first set-point with after the part address value of this processor combines, again via functional operation, with the generation insertion position.
47. method as claimed in claim 42 is characterized in that, wherein these a plurality of insertion positions produce steps can be with this location status working storage with after this program state working storage combines, with the generation insertion position.
48. method as claimed in claim 42 is characterized in that, wherein these a plurality of insertion positions produce steps can be with this location status working storage with after this program state working storage combines, again via functional operation, with the generation insertion position.
49. method as claimed in claim 42 is characterized in that, wherein I+P=32.
50. method as claimed in claim 42 is characterized in that, wherein I=32.
51. the method that an encipheror is decrypted, this encipheror is inserted in two groups of protection byte codes in the original program and encrypts, and this encipheror has the instruction of plural number, and one of them word group can comprise two encrypted instructions, and this method comprises the following step:
One the 3rd protection bit code position produces step, its during according to this program of execution processor state to produce the 3rd insertion position of these a plurality of protection byte codes;
One the 4th protection bit code position produces step, its during according to this program of execution processor state to produce the 4th insertion position of these a plurality of protection byte codes; And
One the 3rd protects byte code removal step, imports the low half-word group of this encipheror, and produces the 3rd insertion position N1 that step produced according to the 3rd protection bit code position, with the 0th N1 bit removal to (K-1) bit that this program correspondence is instructed; And
One the 4th protection byte code is removed step, imports the high half-word group of this encipheror, and produces the 4th insertion position N2 that step produced according to the 4th protection bit code position, so that the K of the corresponding instruction of this program is removed to the mat woven of fine bamboo strips N2 bit of (2K-1) bit.
52. method as claimed in claim 51 is characterized in that, wherein K=16.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2004100018213A CN100353274C (en) | 2004-01-14 | 2004-01-14 | Apparatus for encrypting protection to a programme using guard bit element code |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CNB2004100018213A CN100353274C (en) | 2004-01-14 | 2004-01-14 | Apparatus for encrypting protection to a programme using guard bit element code |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN1641514A true CN1641514A (en) | 2005-07-20 |
| CN100353274C CN100353274C (en) | 2007-12-05 |
Family
ID=34867207
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CNB2004100018213A Expired - Fee Related CN100353274C (en) | 2004-01-14 | 2004-01-14 | Apparatus for encrypting protection to a programme using guard bit element code |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN100353274C (en) |
Family Cites Families (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| US5515307A (en) * | 1994-08-04 | 1996-05-07 | Bell Communications Research, Inc. | Pseudo-random generator |
| FI102936B (en) * | 1996-03-04 | 1999-03-15 | Nokia Telecommunications Oy | Improving security of packet transmission in a mobile communication system |
| CA2249540C (en) * | 1996-03-18 | 2006-02-21 | Kabushiki Kaisha Toshiba | Coding system and decoding system |
| US6104811A (en) * | 1996-08-16 | 2000-08-15 | Telcordia Technologies, Inc. | Cryptographically secure pseudo-random bit generator for fast and secure encryption |
-
2004
- 2004-01-14 CN CNB2004100018213A patent/CN100353274C/en not_active Expired - Fee Related
Also Published As
| Publication number | Publication date |
|---|---|
| CN100353274C (en) | 2007-12-05 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US7406174B2 (en) | System and method for n-dimensional encryption | |
| KR101324825B1 (en) | Message authentication code pre-computation with applications to secure memory | |
| JP2008530663A (en) | Microprocessor data security method and system | |
| WO2009064794A2 (en) | Method and apparatus of providing the security and error correction capability for memory storage devices | |
| US20040177257A1 (en) | Data processing device and data processing method | |
| KR20090080032A (en) | Method and system to provide security implementation for storage devices | |
| CN108830096B (en) | Data processing method and device, electronic equipment and storage medium | |
| JP2005018725A5 (en) | ||
| FR2976147A1 (en) | DATA INTERLACEMENT DIAGRAM FOR AN EXTERNAL MEMORY OF A SECURE MICROCONTROLLER | |
| CN104732159A (en) | File processing method and file processing device | |
| CN112069551A (en) | Electronic circuit | |
| CN116186742A (en) | Method, device and equipment for encrypting and storing arrow-mounted data | |
| CN1588328A (en) | Data encrypting/de-encrypling method and its device | |
| TWI249666B (en) | Device using parity check bit to carry out data encryption protection and method thereof | |
| CN100353274C (en) | Apparatus for encrypting protection to a programme using guard bit element code | |
| TWI221966B (en) | Device for encrypting/protecting program with protection bit codes | |
| CN115941304A (en) | Data encryption method and device, terminal equipment and computer readable storage medium | |
| US7529365B2 (en) | Device and method of applying check bit to encrypt instruction for protection | |
| JP2011123229A (en) | Program code encryption device and program | |
| JP2008205753A (en) | Signal processor | |
| JP4791971B2 (en) | Data reproduction method and data processing apparatus | |
| CN112242970B (en) | Data segmentation encryption security reinforcing method and device | |
| CN109245884B (en) | Data communication method and device of wind generating set | |
| CN100505619C (en) | Device and method for crypto-protecting data by odd-even check bit | |
| CN100390697C (en) | Device and method for encrypting protection to instruction using check bit element |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| C14 | Grant of patent or utility model | ||
| GR01 | Patent grant | ||
| CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20071205 Termination date: 20150114 |
|
| EXPY | Termination of patent right or utility model |