CN120217407A - A security software protection method - Google Patents

Abstract

The invention discloses a security software protection method, which relates to the technical field of software protection and comprises the steps of constructing a dynamic link library, introducing different encryption strategies into the constructed dynamic link library, dividing application software to obtain different software components, respectively associating the different software components with the encryption strategies introduced into the dynamic link library, performing tamper-proof data protection on data files in the application software, providing multi-aspect protection on the software by adopting different encryption modes at different stages of the software, requiring registration verification through face information before the software operates, providing tamper-proof and backup functions by adopting an RSA encryption algorithm when the software operates, and providing comprehensive security protection from registration to operation so as to improve the security protection of the software.

Description

Safety software protection method

Technical Field

The invention relates to the technical field of software protection, in particular to a safety software protection method.

Background

The importance of software protection is becoming increasingly prominent, and thus a variety of software protection techniques have emerged to cope with different ways of cracking.

Along with the development of the software protection technology, the software cracking technology is updated and iterated correspondingly and continuously. From another point of view, it can be said that the development of software cracking technology has prompted the advancement of protection technology. Some protection methods currently exist more or less in the possibility of being broken, but only in the time and resource problems.

Due to the maturity and popularization of fingerprint and face recognition technologies, a protection technology based on biological feature recognition is induced. The biological recognition technology has wide application prospect, considerable economic benefit and social benefit due to the characteristics of simplicity, rapidness, safety, reliability, accuracy and high efficiency. Biometric technology is a technology that characterizes a person with features that are inherent to humans, which are stable as life grows, and which are able to uniquely identify (or to some extent) the person. Biometric authentication, also known as "biometric identification", is a process of identity authentication and identification judgment for confirming the purported identity by uniquely identifiable biometric features such as fingerprints and faces. It aims to allow a user to prove his or her identity by providing a biometric sample and an associated unique identification code in order to gain access to a secure environment.

How to use different encryption modes for different application software stages, so as to improve the safety of the application software is a problem which needs to be solved, and therefore, a safety software protection method is provided.

Disclosure of Invention

The software protection technology is a comprehensive computer technology, and can relate to the contents of the bottom layer such as hardware, a driver, an operating system, a network protocol database, software programming and the like. Software protection techniques can be largely divided into soft encryption and hard encryption. Hard encryption means that encrypted information is stored in a certain hardware device, and when a certain program is run, corresponding auxiliary hardware must be inserted, and if a corresponding key can be detected in a storage area of the hardware, the software can be used. Compared with software encryption, the hardware encryption has higher reliability in the aspect of data security, and is plug and play, does not need to install encryption password software, and is more convenient to use. The software encryption is lower than hardware encryption in technology and cost, is easy to realize and has high cost performance;

the invention aims to provide a security software protection method.

The invention aims at realizing the following technical scheme that the safety software protection method comprises the following steps:

s1, constructing a dynamic link library, and introducing different encryption strategies into the constructed dynamic link library;

step S2, dividing application software to obtain different software components, and respectively associating the different software components with encryption strategies introduced in the dynamic link library;

and step S3, tamper-proof data protection is carried out on the data files in the application software.

Further, the dynamic link library comprises an import table, an export table, a resource section, a code section, a data section, a positioning table and a DLL head;

the import table is used for linking external application software;

The export table is used for storing different encryption strategies;

The resource segment is used for storing resources used in DLLs, such as icons, bitmaps, dialog templates and character strings;

the code segment is used for storing executable codes;

The data segment is used for storing global data and variables;

the positioning table is used for adjusting codes and data addresses when the DLL is loaded;

The DLL header includes information about the version, size, entry point of the DLL.

Further, the process of dividing the application software to obtain different software components includes:

dividing the application software into a plurality of software components, wherein the software components comprise an application registration part, an application use verification part and a software main body part

The application registration part is used for registering identity information of the user;

the application use verification part is used for performing face recognition authentication on the user before using the application software, namely, the user needs to access the database resource of the server side through the network to perform characteristic information comparison;

And the software main body part is used for managing the data files in the application software after the application software is operated.

Further, the process of registering the identity information of the user comprises the following steps:

The user firstly needs to shoot or upload the face photo containing the face information of the user in the album through the camera to register, the face photo shot or in the photo is uploaded to the server, the corresponding face information is obtained through processing the face photo, and the obtained face information is uploaded to the server for storage.

Further, the processing process of the face photo is as follows:

converting the color image into a gray image by a weighted average method;

Detecting key points of the obtained gray level image, scaling the coordinates of the detected key points to the same size according to the scale, and translating all the key points to the same reference position;

after normalization processing of the key points is completed, euclidean distance among the key points, included angles formed by the key points and distance ratio among the key points are obtained, so that corresponding distance characteristics, angle characteristics and proportion characteristics are obtained;

And constructing corresponding feature vectors according to the obtained geometric features to serve as face recognition information.

Further, the process of the application use verification part for the face recognition authentication of the user before using the application software comprises the following steps:

Firstly, acquiring a user face image through a camera, uploading the user face image to a server, obtaining corresponding face information through corresponding face image processing, comparing and matching the obtained face information with user face information stored in the server, if matching is successful, determining that the user identity is legal, feeding back a result to application software by the server, and authorizing the application software to start related functions of the software;

in order to prevent a software destructor from unlimited copying and impersonating the identity of a legal user through common attack means such as photos, screen shots and the like, the software bypasses software authorization authentication, living body recognition is needed before the face recognition is carried out on the software, the living body detection uses technologies such as face key point positioning, face tracking and the like, and whether the user is a real living body is verified by making the user face a camera to cooperate with combination actions such as blinking, opening mouth, head shaking, nodding and the like.

Further, the process of tamper-proof data protection of the data file in the application software comprises:

Converting a data file generated in the application software into a corresponding data stream, reading the data length of the data stream, and marking the data length as L;

Setting a data length threshold L0;

if L is less than or equal to L0, not processing the data stream, otherwise if L is more than L0, decomposing the data stream into a plurality of data stream fragments;

Marking the data stream converted by the data file or the data stream fragments differentiated by the data stream as plaintext data, and marking the length of the plaintext data as m;

encrypting the obtained plaintext data, namely:

then prime q and prime p are set, where q >1024, p >1024;

Multiplying the prime number q with the prime number p to obtain a corresponding product, and recording the product as n;

Wherein n=q×p;

Based on the prime number q and the prime number p, obtaining a corresponding Euler function, which is marked as phi (q, p);

Wherein Φ (q, p) = (p-1) × (q-1);

setting a public key index, and marking the public key index as e, wherein in the implementation process, the public key index e needs to meet 1<e < phi (q, p) and is mutually similar to phi (q, p);

Obtaining a corresponding private key index according to the set public key index, and marking the private key index as d;

wherein d×e≡1 (mod φ (n));

Respectively obtaining a public key and a private key, wherein the public key is (n, e), and the private key is (n, d);

encrypting the plaintext data according to the obtained public key to obtain encrypted data, and marking the encrypted data as c;

wherein c≡m ^e (modn);

acquiring a hash value of plaintext data, and recording the acquired hash value as a message digest of encrypted data and as a hash;

wherein hash=h (m), H being a hash function;

Encrypting the obtained message digest according to the obtained private key to obtain a corresponding digital signature, which is recorded as signature;

Signature=hashd(modn);

transmitting the encrypted data and the digital signature to a user;

the user decrypts the received encrypted data and verifies whether the data has been tampered with.

Further, the process of decrypting the received encrypted data by the user and verifying whether the data is tampered with includes:

the user calculates the received encrypted data to obtain a hash value of the received encrypted data;

decrypting the received digital signature through the public key to obtain an original message digest;

Comparing the obtained hash value of the received encrypted data with the obtained original message abstract, and if the comparison result is consistent, indicating that the data file is not tampered, wherein the anti-regularization indicates that the data file is tampered or the digital signature is not matched.

Compared with the prior art, the invention has the beneficial effects that:

The method comprises the steps of providing multi-aspect protection of software by adopting different encryption modes at different stages of the software, requiring registration and verification of face information before the software operates, providing tamper-proof and backup functions by adopting an RSA encryption algorithm when the software operates, and providing comprehensive safety protection from registration to operation of the software so as to improve the safety protection of the software.

Drawings

In order to more clearly illustrate the embodiments of the present application or the technical solutions in the prior art, the drawings required for the embodiments will be briefly described below, and it is apparent that the drawings in the following description are only some embodiments described in the present application, and other drawings may be obtained according to these drawings for a person having ordinary skill in the art.

FIG. 1 is a flow chart of the present invention.

Detailed Description

As shown in fig. 1, a method for protecting security software includes the following steps:

s1, constructing a dynamic link library, and introducing different encryption strategies into the constructed dynamic link library;

step S2, dividing application software to obtain different software components, and respectively associating the different software components with encryption strategies introduced in the dynamic link library;

and step S3, tamper-proof data protection is carried out on the data files in the application software.

It should be further noted that, in the implementation process, the dynamic link library includes an import table, an export table, a resource section, a code section, a data section, a location table and a DLL header;

the import table is used for linking external application software;

The export table is used for storing different encryption strategies;

The resource segment is used for storing resources used in DLLs, such as icons, bitmaps, dialog templates and character strings;

the code segment is used for storing executable codes;

The data segment is used for storing global data and variables;

the positioning table is used for adjusting codes and data addresses when the DLL is loaded;

The DLL header includes information about the version, size, entry point of the DLL.

It should be further noted that, in the implementation process, the process of dividing the application software to obtain different software components includes:

Dividing application software into a plurality of software components, wherein the software components comprise an application registration part, an application use verification part and a software main body part;

The application registration part is used for registering identity information of the user, and the specific process comprises the following steps:

Firstly, a user needs to shoot or upload a face photo containing face information of the user in an album through a camera to register, the face photo shot or in the photo is uploaded to a server, the corresponding face information is obtained through processing the face photo, and the obtained face information is uploaded to the server for storage;

The processing process of the face photo comprises the following steps:

color images are typically composed of three color channels, red, green and Blue, RGB for short, each channel containing an intensity value between 0 and 255;

for a color pixel, its RGB values can be expressed as:

Pixel=(R,G,B);

converting the color image into a gray image by a weighted average method, wherein the obtained gray value is Y;

Y=0.299R+0.587G+0.114B;

Detecting key points of the obtained gray level image, scaling the coordinates of the detected key points to the same size according to the scale, and translating all the key points to the same reference position;

after normalization processing of the key points is completed, euclidean distance among the key points, included angles formed by the key points and distance ratio among the key points are obtained, so that corresponding distance characteristics, angle characteristics and proportion characteristics are obtained;

And constructing corresponding feature vectors according to the obtained geometric features to serve as face recognition information.

The application use verification part is used for performing face recognition authentication on a user before application software is used, namely, the user needs to access database resources of a server side through a network to perform characteristic information comparison, and the specific process comprises the following steps:

Firstly, acquiring a user face image through a camera, uploading the user face image to a server, obtaining corresponding face information through corresponding face image processing, comparing and matching the obtained face information with user face information stored in the server, if matching is successful, considering that the user identity is legal, feeding back a result to application software by the server, authorizing the application software to start related functions of the software, if matching is failed, considering that the user identity is illegal, performing secondary face recognition, locking the software for a period of time after the recognition is performed for more than three times, and continuing face recognition authentication after the set time;

Meanwhile, in order to prevent software vandals from copying unrestricted through common attack means such as photos and screen shots and impersonating the identity of legal users, by bypassing software authorization authentication, the software needs to carry out living body recognition before carrying out face recognition, living body detection uses technologies such as face key point positioning and face tracking, and whether the users are real living bodies or not is verified by making the users carry out combined actions such as blinking, mouth opening, head shaking, head nodding and the like by facing cameras;

the application software extracts the characteristics of face recognition of the user, submits the face information to the server side, and after matching with the face information of the server side, the application software can obtain the authorization permission, key data and configuration data required by the running of the application software, so that the continuous running is ensured. Thus, unauthorized use can be avoided, and the software can be required to be networked for authorization in running according to specific conditions, and can be networked from time to time or once every other fixed time so as to track and manage the use of the software.

And the software main body part is used for managing the data files in the application software after the application software is operated.

It should be further noted that, in the implementation process, the process of tamper-proof data protection for the data file in the application software includes:

Converting a data file generated in the application software into a corresponding data stream, reading the data length of the data stream, and marking the data length as L;

Setting a data length threshold L0;

if L is less than or equal to L0, not processing the data stream, otherwise if L is more than L0, decomposing the data stream into a plurality of data stream fragments;

Marking the data stream converted by the data file or the data stream fragments differentiated by the data stream as plaintext data, and marking the length of the plaintext data as m;

then prime q and prime p are set, where q >1024, p >1024;

Multiplying the prime number q with the prime number p to obtain a corresponding product, and recording the product as n;

Wherein n=q×p;

Based on the prime number q and the prime number p, obtaining a corresponding Euler function, which is marked as phi (q, p);

Wherein Φ (q, p) = (p-1) × (q-1);

setting a public key index, and marking the public key index as e, wherein in the implementation process, the public key index e needs to meet 1<e < phi (q, p) and is mutually similar to phi (q, p);

Obtaining a corresponding private key index according to the set public key index, and marking the private key index as d;

wherein d×e≡1 (mod φ (n));

Respectively obtaining a public key and a private key, wherein the public key is (n, e), and the private key is (n, d);

encrypting the plaintext data according to the obtained public key to obtain encrypted data, and marking the encrypted data as c;

wherein c≡m ^e (modn);

acquiring a hash value of plaintext data, and recording the acquired hash value as a message digest of encrypted data and as a hash;

wherein hash=h (m), H being a hash function;

Encrypting the obtained message digest according to the obtained private key to obtain a corresponding digital signature, which is recorded as signature;

Signature=hashd(modn);

transmitting the encrypted data and the digital signature to a user;

the user calculates the received encrypted data to obtain a hash value of the received encrypted data;

decrypting the received digital signature through the public key to obtain an original message digest;

Comparing the obtained hash value of the received encrypted data with the obtained original message abstract, and if the comparison result is consistent, indicating that the data file is not tampered, wherein the regularization indicates that the data file is tampered or the digital signature is not matched;

in another embodiment of the invention, the soft 5 pieces also have an encryption backup function, the software has an encryption package, the key files of the software have digital signatures, the digital signatures are verified when the software is detected, if the digital signatures are incorrect, the digital signatures are considered to be destroyed, the backup function is started, and the original software files are obtained by decrypting the encryption package, so that the initialization of the software is realized.

The method comprises the steps of providing multi-aspect protection of software by adopting different encryption modes at different stages of the software, requiring registration and verification of face information before the software operates, providing tamper-proof and backup functions by adopting an RSA encryption algorithm when the software operates, and providing comprehensive safety protection from registration to operation of the software so as to improve the safety protection of the software.

The present invention is not limited to the above embodiments, but is intended to be limited to the following embodiments, and any modifications and equivalents of the above embodiments according to the technical principles of the present invention are intended to fall within the scope of the present invention, as long as they are not limited to the above embodiments.

Claims (8)

1. A method for protecting security software, comprising the steps of:

s1, constructing a dynamic link library, and introducing different encryption strategies into the constructed dynamic link library;

step S2, dividing application software to obtain different software components, and respectively associating the different software components with encryption strategies introduced in the dynamic link library;

and step S3, tamper-proof data protection is carried out on the data files in the application software.

2. The method of claim 1, wherein the dynamic link library comprises an import table, an export table, a resource section, a code section, a data section, a location table, and a DLL header;

the import table is used for linking external application software;

The export table is used for storing different encryption strategies;

The resource segment is used for storing resources used in DLLs, such as icons, bitmaps, dialog templates and character strings;

the code segment is used for storing executable codes;

The data segment is used for storing global data and variables;

the positioning table is used for adjusting codes and data addresses when the DLL is loaded;

The DLL header includes information about the version, size, entry point of the DLL.

3. The method of claim 2, wherein the step of dividing the application software to obtain the different software components comprises:

dividing the application software into a plurality of software components, wherein the software components comprise an application registration part, an application use verification part and a software main body part

The application registration part is used for registering identity information of the user;

the application use verification part is used for performing face recognition authentication on the user before using the application software, namely, the user needs to access the database resource of the server side through the network to perform characteristic information comparison;

And the software main body part is used for managing the data files in the application software after the application software is operated.

4. A method of protecting security software according to claim 3, wherein the process of registering identity information of the user comprises:

The user firstly needs to shoot or upload the face photo containing the face information of the user in the album through the camera to register, the face photo shot or in the photo is uploaded to the server, the corresponding face information is obtained through processing the face photo, and the obtained face information is uploaded to the server for storage.

5. The method for protecting security software according to claim 4, wherein the processing of the face photo comprises:

converting the color image into a gray image by a weighted average method;

Detecting key points of the obtained gray level image, scaling the coordinates of the detected key points to the same size according to the scale, and translating all the key points to the same reference position;

after normalization processing of the key points is completed, euclidean distance among the key points, included angles formed by the key points and distance ratio among the key points are obtained, so that corresponding distance characteristics, angle characteristics and proportion characteristics are obtained;

And constructing corresponding feature vectors according to the obtained geometric features to serve as face recognition information.

6. A security software protection method according to claim 3, wherein the application use verification section is for a user to perform face recognition authentication before using the application software, and comprises:

The method comprises the steps of firstly acquiring a user face image through a camera, uploading the user face image to a server, obtaining corresponding face information through corresponding face image processing, comparing and matching the obtained face information with user face information stored in the server, if matching is successful, determining that the user identity is legal, feeding back a result to application software by the server, authorizing the application software to start related functions of the software, and if matching is failed, determining that the user identity is illegal, and performing secondary face recognition.

7. A method of protecting security software according to claim 3, wherein the process of tamper-proof data protection of the data file in the application software comprises:

Converting a data file generated in the application software into a corresponding data stream, reading the data length of the data stream, and marking the data length as L;

Setting a data length threshold L0;

if L is less than or equal to L0, not processing the data stream, otherwise if L is more than L0, decomposing the data stream into a plurality of data stream fragments;

Marking the data stream converted by the data file or the data stream fragments differentiated by the data stream as plaintext data, and marking the length of the plaintext data as m;

encrypting the obtained plaintext data, namely:

then prime q and prime p are set, where q >1024, p >1024;

Multiplying the prime number q with the prime number p to obtain a corresponding product, and recording the product as n;

Wherein n=q×p;

Based on the prime number q and the prime number p, obtaining a corresponding Euler function, which is marked as phi (q, p);

Wherein Φ (q, p) = (p-1) × (q-1);

setting a public key index, and marking the public key index as e, wherein in the implementation process, the public key index e needs to meet 1<e < phi (q, p) and is mutually similar to phi (q, p);

Obtaining a corresponding private key index according to the set public key index, and marking the private key index as d;

wherein d×e≡1 (mod φ (n));

Respectively obtaining a public key and a private key, wherein the public key is (n, e), and the private key is (n, d);

encrypting the plaintext data according to the obtained public key to obtain encrypted data, and marking the encrypted data as c;

wherein c≡m ^e (modn);

acquiring a hash value of plaintext data, and recording the acquired hash value as a message digest of encrypted data and as a hash;

wherein hash=h (m), H being a hash function;

Encrypting the obtained message digest according to the obtained private key to obtain a corresponding digital signature, which is recorded as signature;

Signature=hashd(modn);

transmitting the encrypted data and the digital signature to a user;

the user decrypts the received encrypted data and verifies whether the data has been tampered with.

8. The method of claim 7, wherein decrypting the received encrypted data by the user and verifying whether the data has been tampered with comprises:

the user calculates the received encrypted data to obtain a hash value of the received encrypted data;

decrypting the received digital signature through the public key to obtain an original message digest;

Comparing the obtained hash value of the received encrypted data with the obtained original message abstract, and if the comparison result is consistent, indicating that the data file is not tampered, wherein the anti-regularization indicates that the data file is tampered or the digital signature is not matched.