Publication number | WO2008141992 A1 |

Publication type | Application |

Application number | PCT/EP2008/055912 |

Publication date | Nov 27, 2008 |

Filing date | May 14, 2008 |

Priority date | May 23, 2007 |

Also published as | CN101311942A, CN101311942B, EP2150917A1 |

Publication number | PCT/2008/55912, PCT/EP/2008/055912, PCT/EP/2008/55912, PCT/EP/8/055912, PCT/EP/8/55912, PCT/EP2008/055912, PCT/EP2008/55912, PCT/EP2008055912, PCT/EP200855912, PCT/EP8/055912, PCT/EP8/55912, PCT/EP8055912, PCT/EP855912, WO 2008/141992 A1, WO 2008141992 A1, WO 2008141992A1, WO-A1-2008141992, WO2008/141992A1, WO2008141992 A1, WO2008141992A1 |

Inventors | Wen Tang, Jian Jun Hu |

Applicant | Siemens Aktiengesellschaft |

Export Citation | BiBTeX, EndNote, RefMan |

Patent Citations (4), Non-Patent Citations (1), Referenced by (2), Classifications (8), Legal Events (4) | |

External Links: Patentscope, Espacenet | |

WO 2008141992 A1

Abstract

The present invention relates to the field of computer security, and particularly to a method and an apparatus for encrypting and decrypting software. The decryption process of the present invention comprises the following steps: step 201, selecting t factors of a threshold secret key from n paragraphs of a second software cipher text at random, restoring a first software cipher text and an secret key cipher text PSK from the second software cipher text, wherein n is a positive integer greater than 1, t is a positive integer less than or equal to n; step 202, extracting said secret key cipher text PSK, calculating a second secret key according to said t factors of the threshold secret key, and using the second secret key to decrypt the secret key cipher text PSK into the first secret key SK; and step 203, decrypting said first software cipher text using said first secret key SK, so as to obtain the software's plaintext. The beneficial effects of the present invention are that it enhances the protection of the software encrypting key, and makes it more difficult for a cracker to crack the software by way of tracking the software' s loading process.

Claims (OCR text may contain errors)

1. A method for encrypting software, comprising the following steps : step 101: encrypting a software plaintext in a storage medium into a first software cipher text by using a first encryption module, wherein an secret key for decryption is a first secret key SK; step 102: generating a second secret key by a second encryption module using n factors of a threshold secret key, wherein n is a positive integer greater than 1, encrypting said first secret key SK into an secret key cipher text PSK by using the second secret key, and splicing said secret key cipher text PSK into said first software cipher text; and step 103: dividing said secret key cipher text PSK and said first software cipher text as an integrated whole into n paragraphs by using an encapsulation module, and splicing said factors of the threshold secret key into said paragraphs to form a second software cipher text which is stored in said storage medium.

2. The method for encrypting software as claimed in claim 1, characterized in that said encryption method specified in said step 101 comprises a symmetric encryption algorithm or an asymmetric encryption algorithm.

3. The method for encrypting software as claimed in claim 1, characterized in that the threshold secret key algorithm used in said step 102 comprises a Shamir threshold secret key scheme, or an Asmuth-Bloom threshold secret key scheme.

4. The method for encrypting software as claimed in claim 3, characterized in that, in said step 103, said encapsulation module divides said secret key cipher text PSK and the first software cipher text as the integrated whole into n paragraphs; C represents any paragraph in said n paragraphs, and the paragraph C comprises blocks Co, C_{∑}, -, C_{m}-_{lf} wherein the length of each paragraph is equal to the length of a threshold secret key factor k, and the following calculations are performed on each paragraph C and its corresponding k:

in which x is the arithmetic multiplication operation, at the same time a hash value h of the threshold secret key factor k is calculated, the values of C_{0} ^{"} to C_{m}' are combined to form C' , and the C" s of the n paragraphs and their corresponding hash values h are spliced together to form said second software cipher text.

5. A method for decrypting software, comprising the following steps during the process of loading the software: step 201: selecting t factors of a threshold secret key by a decapsulation module from n paragraphs of a second software cipher text at random, wherein t is greater than or equal to 1 and less than or equal to n, and n is a positive integer greater than 1; and restoring a first software cipher text and an secret key cipher text PSK from said second software cipher text; step 202: extracting said secret key cipher text PSK, generating a second secret key by a second decryption module according to said t factors of the threshold secret key, and decrypting the secret key cipher text PSK into a first secret key SK by using the second secret key; and step 203: decrypting said first software cipher text by a first decryption module using said first secret key SK, and transmitting a software plaintext to a CPU, so as to execute the software.

6. The method for decrypting software as claimed in claim

5, characterized in that, in said step 201, said decapsulation module performs calculation on each of the n paragraphs of the second software cipher text: eliminating Co, C_{1}, ... , C_{m}-_{±} according to EO to Em, so as to obtain the equation o=-c_{m}k^{m} +c;_, χk^{m}-^{1} -c_{m}__{2}χk^{m}-^{2} +...+(-Ir^{1}Xc; (PO), k in the equation is solved, when the hash value of k is equal to the corresponding hash value h of the paragraph C" , the values of Co to C_{m}-i are restored from CO to C'_{m}-i by using k, Co to C_{m}-i are combined to obtain the paragraph C which is one of the n paragraphs of the integrated whole of the first software cipher text and the secret key cipher text; n ks are solved, and the first software cipher text and the secret key cipher text PSK are restored from the second software cipher text.

7. The method for decrypting software as claimed in claim

6, characterized in that the polynomial Newton iteration method is used to solve k in said equation (PO) .

8. An apparatus for encrypting software, characterized in that it comprises a first encryption module, a second encryption module and an encapsulation module; said first encryption module encrypts a software plaintext to a first software cipher text using a first secret key SK; said second encryption module, which is connected with said first encryption module, generates a second encryption module using n factors of a threshold secret key, encrypts said first secret key SK into an secret key cipher text PSK using the second secret key, and stores said secret key cipher text PSK into said first software cipher text; and said encapsulation module, which is connected with said second encryption module, divides said first software cipher text into n paragraphs, and splices said factors of the threshold secret key into said paragraphs to form a second software cipher text.

9. An apparatus for decrypting software, characterized in that it comprises a decapsulation module, a second decryption module and a first decryption module; said decapsulation module decapsulates a second software cipher text into a first software cipher text and an secret key cipher text PSK, and selects t factors of a threshold secret key from n paragraphs of the second software cipher text at random; said second decryption module, which is connected with said decapsulation module, generates a second secret key according to said t factors of the threshold secret key, and decrypts the secret key cipher text PSK into the first secret key SK by using the second secret key; said first decryption module, which is connected with said second decryption module, decrypts said first software cipher text by using said first secret key SK, obtains a software plaintext and transmits the same to a CPU so as to execute the software.

Description (OCR text may contain errors)

Description

Method and apparatus for encrypting and decrypting software

Technical field

The present invention relates to the field of computer security, in particular to the field of computer encryption, and specifically to a method and an apparatus for encrypting and decrypting software.

Background art

Nowadays, software has become a commodity with independent value, and the functions, executing processes, coding, etc. in a piece of software tend to become objects plagiarized by competitors and other organizations or individuals . Therefore, software, particularly the software programmed in an intermediate language such as an programming language like Java, .NET, and so on are very easy to be encoded reversely by reverse engineering, for example by using .NET Reflect (a reverse engineering tool from Microsoft) , JAD (a reverse engineering tool from Java) , thereby obtaining the information regarding core algorithms, encoding and so on, and if such information is used in bad faith by crackers, for example by imitating the core algorithms of the software to bypass the registered software and so on, they will causes losses to the developers .

In the prior art, the measures for confusing the crackers in their cracking activities by changing the names of internal functions, rearranging the control flows or other methods have certain effects, which make the software programs reverse-coded difficult to read and understand or even impossible to read and understand, however this kind of protection mechanism to source codes cannot avoid the software program being encoded reversely, so it is still possible for the information of the software program to be lost.

In the article entitled "Using DES Encryption Algorithm to Protect Java Source Code", published in May 2005 in Computer and information technology, is disclosed a solution for encrypting software compiled by Java and decrypting it when running. The solution uses the Data Encryption Standard (DES) to encrypt a Java executable program, stores the encrypted program encoding and secret key in a memory, uses a loader to load the encrypted Java program encoding and key into system, takes out the secret key to decrypt the program encoding, converts it into the form of executable encoding, and loads it into a Java Virtual Machine to run.

The above method is very easy to be traced by crackers, and a cracker can trace every step from starting a program merely by using a debugging tool. If the program accesses a certain file every time when it is running, and obtains the secret key or the system's symbol name from the file, it will make the cracker to think that the file could be the secret key to the program or the comparison table for the system's symbol names, and if the cracker has confirmed that the file is the secret key file, then he will try every possible means to crack the file; and once the file is cracked, the software coding's cipher text can be converted into software coding's plaintext, and the source code of the software can be generated by reverse engineering, thereby causing a loss to the owner of the software .

Contents of the present invention

In order to solve the above problem and to enhance the degree of difficulty in software decompilation, an object of the present invention is to provide a method for encrypting software and a corresponding decryption method, wherein a threshold encryption feature is included, and every time when starting the software the address of threshold secret key factors obtained is different, which makes a cracker unable to decide which one is the secret key address.

The present invention also provides an apparatus for encrypting software and a corresponding decryption apparatus, which can store a plurality of factors of a threshold secret key into different paragraphs of the software and at the time of decryption it can obtain the factors of the threshold secret key from some paragraphs at random for decrypting the software.

Step 101: encrypting a software plaintext in a storage medium into a first software cipher text by using a first encryption module, wherein a secret key for decryption is a first secret key SK; step 102: generating a second secret key by a second encryption module using n factors of a threshold secret key, encrypting said first secret key SK into an secret key cipher text PSK by using the second secret key, and splicing said secret key cipher text PSK into said first software cipher text, wherein n is a positive integer greater than 1; and step 103: dividing said secret key cipher text PSK and said first software cipher text as an integrated whole into n paragraphs by using an encapsulation module, and splicing said factors of the threshold secret key into said paragraphs to form a second software cipher text which is stored in said storage medium.

According to a further aspect of the encryption method of the present invention, said encryption method specified in said step 101 comprises a symmetric encryption algorithm or an asymmetric encryption algorithm.

According to yet a further aspect of the encryption method of the present invention, the threshold secret key algorithm used in said step 102 comprises a Shamir threshold secret key scheme .

According to another further aspect of the encryption method of the present invention, in said step 103, said encapsulation module divides said secret key cipher text PSK and the first software cipher text as the integrated whole into n paragraphs; C represents any paragraph in said n paragraphs, and the paragraph C comprises blocks Co, C_{∑}, - , C_{m}~_{lr} and the following calculations are performed on each paragraph C and its corresponding k:

Q=C_{o}xk (EO)

C_{m}__{x}=C_{m}__{x} xk + C_{m}__{2} (Em-I)

C_{m}=C_{m}__{x} (Em) in which x is the arithmetic multiplication operation, at the same time a hash value h of the threshold secret key factor k is calculated, the values of C_{0} to C_{1n} are combined to form C , and the C s of the n paragraphs and their corresponding hash values h are spliced together to form said second software cipher text.

A method for decrypting software, comprising the following steps during the process of loading the software: step 201: selecting t factors of a threshold secret key by a decapsulation module from n paragraphs of a second software cipher text at random; and restoring a first software cipher text and an secret key cipher text PSK from said second software cipher text, wherein t is greater than or equal to 1 and less than or equal to n, and n is a positive integer greater than 1; step 202: extracting said secret key cipher text PSK, generating a second secret key by a second decryption module according to said t factors of the threshold secret key, and decrypting the secret key cipher text PSK into a first secret key SK by using the second secret key; and step 203: decrypting said first software cipher text by a first decryption module using said first secret key SK, and transmitting a software plaintext to a CPU, so as to execute the software.

According to a further aspect of the decryption method of the present invention, in said step 201, said decapsulation module performs calculation on each of the n paragraphs of the second software cipher text: eliminating Co, Ci, ... C_{m}-i according to EO to Em, so as to obtain the equation

According to yet a further aspect of the decryption method of the present invention, a polynomial Newton iteration method is used to solve k in said equation (PO) .

An apparatus for encrypting software, characterized in that it comprises a first encryption module, a second encryption module and an encapsulation module; said first encryption module encrypts a software plaintext to a first software cipher text using a first secret key SK; said second encryption module, which is connected with said first encryption module, generates a second encryption module using n factors of a threshold secret key, encrypts said first secret key SK into an secret key cipher text PSK using the second secret key, and stores said secret key cipher text PSK into said first software cipher text; and said encapsulation module, which is connected with said second encryption module, divides said first software cipher text into n paragraphs, and splices said factors of the threshold secret key into said paragraphs to form a second software cipher text.

An apparatus for decrypting software, characterized in that it comprises a decapsulation module, a second decryption module and a first decryption module; said decapsulation module decapsulates a second software cipher text into a first software cipher text and an secret key cipher text PSK, and selects t factors of a threshold secret key from n paragraphs of the second software cipher text at random; said second decryption module, which is connected with said decapsulation module, generates a second secret key according to said t factors of the threshold secret key, and decrypts the secret key cipher text PSK into the first secret key SK by using the second secret key; said first decryption module, which is connected with said second decryption module, decrypts said first software cipher text by using said first secret key SK, obtains a software plaintext and transmits the same to a CPU so as to execute the software.

The beneficial effects of the present invention are that it enhances the protection of the software encrypting key, and makes it more difficult for a cracker to crack the software by way of tracking the software's loading process, obtaining the physical address of the secret key by tracing the software loading process, thereby achieving the purpose of cracking the software by analyzing the secret key, and the present invention enhances the current solution of encrypting the software to improve the security thereof by the technology of dynamically storing the secret key.

Brief description of the drawings

Fig. 1 is a flowchart of performing the software encryption according to the present invention;

Fig. 2 is a flowchart of performing the software decryption according to the present invention;

Fig. 3 is a structure scheme of an apparatus for performing the software encryption according to the present invention;

Fig. 4 is a structure scheme of an apparatus for performing the software decryption according to the present invention; and

Fig. 5 is a structural diagram of an apparatus for implementing the present invention.

Detailed description of the preferred embodiments

Hereinbelow, the present invention is explained in detail in combination with the drawings .

The present invention utilizes the theory of a threshold secret key to provide further protection to said first secret key, and splices the factors of the threshold secret key into the encrypted software, so as to make a cracker obtain a different jump address every time he traces the program running, so that the cracker will not be able to determine where to seek said first secret key. The software that can be protected by the present invention is not only limited to executable programs, but also includes functional modules and the software's core algorithms and so on. The current threshold encryption method is to encrypt said first secret key SK to a secret key cipher text PSK by using a random number as a second secret key, and at the same time generates n factors of the threshold secret key for computing the random number; at the time that the secret key needs to be decrypted, it only needs t factors of the threshold secret key (t ≤ n) to generate said second secret key for decryption. The purpose for proposing the threshold cryptography is to disperse the rights and to enhance the security; the dispersion of rights is demonstrated in that when using the threshold cryptography for performing the decryption and if every person holds one secret key factor, the decryption can be accomplished only if the number of participators reach a certain number (the threshold value t) ; security, on the one hand, is to prevent the case that obtaining one key factor makes the encryption meaningless, therefore as long as the number of cracked persons in this group does not reach the threshold value it is still impossible to do the decryption; on the other hand, it is to prevent the case of the loss of a key factor affecting the normal decryption, since the decryption can still be carried out as long as the number of persons having valid key factors is greater than or equal to the threshold value. In the embodiments of the present invention the threshold encryption algorithm uses the Shamir scheme as an example, but it is not limited to the Shamir scheme, it is also possible to use the Asmuth-Bloom threshold secret key scheme.

Before selling a piece of software, the vendor of the software encrypts the software plaintext by using an encryption algorithm which is the currently available symmetric or asymmetric encryption algorithm such as AES, DES or RSA, ECC and so on. If the symmetric encryption algorithm is used, then the encryption secret key of software is the same as the decryption secret key, which can also be used for decryption, and the decryption secret key is the secret key SK (namely, the first secret key) . If the asymmetric encryption algorithm is used, then the encryption secret key has a corresponding relationship with the decryption secret key of said asymmetric
encryption algorithm, and the decryption secret key is the secret key SK (namely, the first secret key) in the present invention. Since the software's secret key SK is critical to whether the software can be cracked or not, the security of the secret key SK is very important, and the present invention specifically uses the Shamir scheme of threshold encryption to generate a second secret key by calculating n factors of the threshold secret key, K_{1}, K_{2}, , K_{n}, the second secret key is used to encrypt the secret key SK into a secret key cipher text PSK, and the secret key cipher text PSK is spliced into the encrypted software, for example it is spliced into the head or tail of the encrypted software. Furthermore, the n factors of the threshold secret key are spliced into different physical paragraphs of the encrypted software by a strong splicing algorithm (or a simple splicing mode), for example, they splice it into the head or tail of the software. In the present invention, it is carried out by: step one, encrypting the software which needs to be protected; step two, encrypting the first secret key SK from step one; and step three, splicing the secret key factors for performing the encryption in step two; while when the software needs to be decrypted in order to run, t (1 ≤ t ≤ n, both t and n are positive integers) factors of the threshold secret key are obtained from the protected software cipher text at random, and then the first secret key SK of encrypted software can be solved from the secret key cipher text PSK by using the Shamir scheme, so as to decrypt the software cipher text. The restoration method of the threshold secret key makes the software loading process have dynamic characteristics, and every time the threshold secret key factors for decryption are obtained from different positions of the software, so it can effectively increase the degree of difficulty for cracking by a cracking method of tracing the software loading process.

A flowchart of software encryption process of the present invention is shown in Fig. 1.

Step 101, select a suitable symmetric encryption algorithm such as AES, DES and so on, and encrypt the software plaintext into a first software cipher text by using a first encryption module, wherein the secret key used is a first secret key SK.

Step 102, protect the aforementioned secret key SK by using the Shamir algorithm in threshold encryption algorithms by a second encryption module, and use the Shamir scheme of Lagrange interpolation polynomial algorithm in a Z_{p} field to generate a t-1 order polynomial, where Z_{p} is a prime field:

P_{n} (x) = α_{0} + Ci_{1}X + a_{2}x^{2} + ... + a_{tΛ}x^{tΛ} wherein the coefficients ao, a_{n} of P_{n}(x) are generated at random.

Let Xi = 1, calculate -P_{n}(I) = cι_{0} +α_{x} + α_{2} +...+ α_{t}__{x} ,

let X_{n} = n, calculate P_{n}(n) = α_{0} +α_{ι}n + cι_{2}n^{2} +... + α_{tΛ}n^{tΛ} . wherein, P_{n}(I),...,P_{n}(«) < 2^{M} , n is a positive integer greater than 1, and t is a positive integer greater than and equal to 1 and less than n.

Then generate n factor pairs of the threshold secret key K_{1} = (1, P_{n}(I)), ... K_{n}= (n, P_{n} (n)), encrypt the secret key SK into the secret key cipher text PSK using ao as the second secret key. Also, splice the secret key cipher text PSK after having been encrypted into the head or tail of said first software cipher text, and in this step a storage method in the prior art can be used.

Step 103, divide the integrated whole of the first software cipher text and key cipher text into n paragraphs by using the encapsulation module, and splice the n factors of the threshold secret key into n paragraphs. Here, the n factors of the secret key can be directly spliced respectively into the head and tail of each paragraph of the first software cipher text, so as to form the second software cipher text which is stored in storage medium, as shown in this figure, the black parts are the factors of the secret key and the white parts are the n paragraphs; and it is also possible to use the following splicing method to form a more complicated second software cipher text.

C represents a certain paragraph of the first software cipher text, wherein each paragraph C comprises Co, C2, ., C_{m}-i, k represents P_{n} (i) of threshold secret key factor pair K_{1}, and the specific splicing process is as follows:

C - C x k (EO)

C C_{1} - - C C_{1} x k + C_{0} (E2)

C C_{7} - — C C_{7} x k + C_{1} (E3)

C_{m}=C_{m}__{x} (Em) wherein x is an arithmetic multiplication operation. As a preferred embodiment, the length of each paragraph C_{1} is equal to the length of k, that is to say length (C_{1}) = length (k) . For example, the software is divided into n paragraphs after being encrypted, in which a certain paragraph C has a length of 128 bytes, while a factor of the secret key has a length of 16 bytes, then C is divided into 8 paragraphs, namely m = 7, and the length of each paragraph C_{1} in C has a length of 16 bytes. At the same time, h = hash (A:) is calculated, namely the hash value of the threshold secret key factor k is recorded, which is used for verifying whether the restored threshold factor is correct or not at the time of decryption. After having
combined C_{0} to C_{1n} to form a complete C", it is then spliced with the hash value h (h is added in front or behind the paragraph C), and then the final software cipher text for storing, namely the second software cipher text, is formed by splicing all the paragraphs Cs and the corresponding hash values h, and the second software cipher text is stored into the storage medium.

In the Shamir threshold encryption scheme, any t factors of the secret key can be used to restore the second secret key ao, so as to decrypt PSK, and therefore the software loader will select t of n factors of the secret key at random for decrypting PSK every time when the encrypted software is loaded, so as to provide a highly powerful protection mechanism with dynamic characteristics to prevent a cracker from tracing and analyzing the software loading process.

Fig. 2 is a flowchart of loading and decrypting software according to the present invention. At the stage of starting the software, the second software cipher text is loaded into the memory from a storage medium by a loader, and in this figure the black parts are the secret key factors, and the white parts are the first software cipher text and PSK; if the splicing method as shown in step 103 is not used in the encryption step, and only n factors of the secret key are directly spliced into the head or tail of the corresponding paragraphs of the software cipher text, then t factors of the secret key can be obtained by directly selecting from the cipher text t paragraphs at random by the decapsulation module in step 201, and the second cipher text is restored into the first cipher text and PSK. If the splicing method as shown in step 103 is used during the encryption, then one cipher text paragraph C and its corresponding hash value h are selected by the decapsulation module, and the factor k of the threshold
secret key carried in that paragraph of the cipher text is restored. The restoration algorithm is as follows: eliminating the Co to C_{m}-ι from EO to Em, substituting

C_{»}i-i ^{=} C_{m}' into (Em-I) to obtain the equation

C_{m}-_{2}

0 = -C_{m}k^{m} + C_{m}__{x} x k^{mΛ} -C_{m}__{2} xk^{m}-^{2} +... + (-Ir-^{1}Xq , which is labeled as PO; the secret key factors Tc are the roots of the aforementioned polynomial, and the roots are found by calculating the polynomial in the numerical field, and Tc can be restored from the second software cipher texts C_{ϋ}', C[,...,C_{m}' . The Newton iteration algorithm is used to seek one or more roots of the polynomial PO in this embodiment.

(a) Let

(Pl) , arbitrarily selecting an initial ko, for example k^=l!(b ) Calculate k_{l+l} = k_{t} - , ' , i=0 to m , /(T) i s the derivative

/(K) of f(k), namely, f'(k) = -C_{m}'xmxk^{m'l} + C_{m}'__{l}x(m-l)xk^{m'2}-C_{m}'__{2}x(m-2)xk^{m'3}+... + (-l)^{m'2}xC_{l}'

(c) Repeat step b, till k_{l}__{l}-k_{l} <1 , then Tc_{1+1} is approximate to the root of Pl.

(d) If hash (Tc_{1+1}) = h, or hash (Tc_{1+1}+1) = h, hash (Tc_{1+1}-I) = h, wherein h is the h value in the encryption step (4) , then the Tc_{1+1} calculated in this step is the factor Tc of the threshold secret key in the encryption step, and jump to step (f) ; if it is not equal, then the algorithm for finding the numerical root Tc fails, enter into step (e) . Said Hash algorithm in the present invention is a one-way algorithm, that is to say, the original data cannot be deduced inversely after the data are calculated, and therefore if it is necessary to compare whether
the data are altered before and after they are transmitted, it is only necessary to make a comparison of the hash values before and after the transmission.

(e) If k is not found in step (d) , then it means that PO has several real roots, and the other real roots can be obtained by the following method:

Use the root k_{1+1} obtained in step (d) as a new k_{0}.

Let b_{0} =—C_{m}' , b_{k} = (-I)* ' ^{χ}C_{m}'__{k} + k_{0} xb_{k}__{x} , where k = 1 , 2, ..., m-1, and then establish a new polynomial,

Calculate all of the real roots of PO by this step (e) , and repeat to check step (d) every time after passing step (e) to determine whether or not the real secret key factor has been obtained, and then obtain the factor k of the threshold secret key.

(f) After having obtained the factor k of the secret key in a cipher text paragraph, substitute it back to EO to Em, and restore the first software cipher text C^C_{2},...,C_{1n} from the second software cipher text C_{0}, C_{1},...,C_{1n} .

Perform steps a-f on n paragraphs C to obtain all the factors k of the threshold secret key needed in decrypting the secret key cipher text PSK, and restore all the cipher text C by using k to form the first software cipher text.

Step 202, after restoring the t factors of the threshold secret key, K_{1} = (x_{ir} P_{n}(X_{1})), l≤i≤t, establish a new polynomial by using t
ks by the second decryption module

wherein, y

Extract PSK in the first software cipher text, and use ao as the secret key for decrypting the secret key cipher text PSK, so as to obtain the first secret key SK for decrypting the encrypted software.

Step 203, decrypt the encrypted software by using SK by the first encryption module, so as to obtain the original software plaintext .

A CPU operates according to the software plaintext.

A schematic diagram of an encryption apparatus of the present invention is shown in Fig. 3, which comprises a first encryption module, a second encryption module and an encapsulation module; said first encryption module encrypts a software plaintext into a first software cipher text by using a first secret key SK; said second encryption module, which is connected with said first encryption module, generates a second encryption module using n factors of a threshold secret key, encrypts said first secret key SK into an secret key cipher text PSK by using the second secret key, and stores said secret key cipher text PSK into said first software cipher text; and said encapsulation module, which is connected with said second encryption module, divides said first software cipher text into n paragraphs, and splices said factors of the threshold secret key into said paragraphs to form a second software cipher text. A schematic diagram of a decryption apparatus of the present invention is shown in Fig. 4, which comprises a decapsulation module, a second decryption module and a first decryption module; said decapsulation module decapsulates a second software cipher text into a first software cipher text, and selects t factors of a threshold secret key from n paragraphs of the second software cipher text at random; said second decryption module, which is connected with said decapsulation module, generates a second secret key according to said t factors of the threshold secret key, and decrypts the secret key cipher text PSK into the first secret key SK by using the second secret key; said first decryption module, which is connected with said second decryption module, decrypts said first software cipher text by using said first secret key SK, so as to obtain a software plaintext.

A schematic operation diagram of an apparatus of the present invention is shown in Fig. 5. It comprises a loader for loading software from a storage medium, and also the encryption apparatus as shown in Fig. 4, here redundant description on the same parts is not repeated. The loader loads the second software cipher text from the storage medium (for example a hard disk) , and inputs it into said decryption apparatus which transforms said second software cipher text to the software plaintext, and then transmits it to the CPU for executing .

The beneficial effects of the present invention are that, it encrypts executable software so as to make it impossible for a cracker to obtain the secret key by simply tracing the software loading process, so that it prevents the software from being decrypted and compiled by way of reverse engineering and so on. It enhances the protection to the software's secret key, and makes it more difficult for crackers to obtain the physical address of the secret key by tracing the software loading process so as to achieve the object of cracking the software by analyzing the secret key; and the present invention, by way of the technology of dynamically storing the secret key, enhances the currently available solutions of encrypting the software for improving the security thereof.

The above particular embodiments are only used to describe the present invention, not to define the present invention.

Patent Citations

Cited Patent | Filing date | Publication date | Applicant | Title |
---|---|---|---|---|

WO2000041357A1 * | Jan 7, 2000 | Jul 13, 2000 | Nortel Networks Limited | Exchanging a secret over an unreliable network |

WO2002025415A2 * | Sep 21, 2001 | Mar 28, 2002 | Edc Systems, Inc. | Systems and methods for preventing unauthorized use of digital content |

US5915025 * | Jan 15, 1997 | Jun 22, 1999 | Fuji Xerox Co., Ltd. | Data processing apparatus with software protecting functions |

US6236729 * | Jun 5, 1998 | May 22, 2001 | Hitachi, Ltd. | Key recovery method and system |

Non-Patent Citations

Reference | ||
---|---|---|

1 | * | MENEZES ET AL: "HANDBOOK OF APPLIED CRYPTOGRAPHY" HANDBOOK OF APPLIED CRYPTOGRAPHY, BOCA RATON, FL, CRC PRESS.; US, US, 1 January 1997 (1997-01-01), pages 567-570,546, XP002356115 ISBN: 978-0-8493-8523-0 |

Referenced by

Citing Patent | Filing date | Publication date | Applicant | Title |
---|---|---|---|---|

US9686679 * | Mar 30, 2015 | Jun 20, 2017 | Alibaba Group Holding Limited | Transmission of beacon message |

US20150289133 * | Mar 30, 2015 | Oct 8, 2015 | Alibaba Group Holding Limited | Transmission of Beacon Message |

Classifications

International Classification | G06F21/22, H04L9/08 |

Cooperative Classification | H04L9/085, G06F21/602, G06F21/14 |

European Classification | G06F21/14, G06F21/60A, H04L9/08F6 |

Legal Events

Date | Code | Event | Description |
---|---|---|---|

Jan 14, 2009 | 121 | Ep: the epo has been informed by wipo that ep was designated in this application | Ref document number: 08759593 Country of ref document: EP Kind code of ref document: A1 |

Nov 24, 2009 | ENP | Entry into the national phase in: | Ref document number: 2010508801 Country of ref document: JP Kind code of ref document: A |

Nov 24, 2009 | NENP | Non-entry into the national phase in: | Ref country code: DE |

Nov 24, 2009 | WWE | Wipo information: entry into national phase | Ref document number: 2010508801 Country of ref document: JP |

Rotate