CN1952949A - A software protection method based on modified one time pad - Google Patents

Abstract

The invention discloses a software protection method based on an improved one-time pad random codebook. This method includes two processes of encryption and decryption, abandons the traditional one-step decryption method, and uses the instant decoder to decrypt the software step by step in units of functions during operation, and only decrypts the necessary part in one operation, making it difficult for attackers to obtain The complete decrypted program is difficult to tamper with and bypass the software protection function in the undecrypted part, which enhances the anti-attack performance. In terms of running effect, since the decryption is carried out in a decentralized manner, the problem of long startup delay is solved. Compared with the traditional symmetric key encryption algorithm, the one-time pad encryption technology is used to further reduce the runtime overhead, so that the technology can run smoothly on the current processor. The method enhances the practicability of encryption-based software protection and increases the difficulty of cracking.

Description

A Software Protection Method Based on Improved One-Time-Password Random Code Book

technical field

The invention belongs to the technical field of software encryption and decryption protection, in particular to a software protection method based on an improved one-time password garbled code book.

Background technique

Software piracy is the illegal copying and reselling of software. Piracy has brought huge losses to the entire software industry. The most basic technical method for pirates is to crack the program through reverse engineering, and then illegally tamper with the software to remove software protection methods such as legality self-check program fragments in the software. Technically protecting software has important engineering application value. In order to increase the difficulty of reverse engineering for pirates, obfuscation technology, anti-disassembly technology, and anti-debugging technology have been proposed. However, no technology is theoretically unhackable. The significance of software protection is to increase the legal risks of pirates or to increase the technical difficulty of illegally copying software in engineering. Simple anti-disassembly technology, which confuses the disassembler by adding useless random bytes in the object file, is relatively easy to crack. Use encryption technology to protect the software, encrypt the program, and automatically decrypt it before running. In this way, since the encrypted program is stored in the disk image of the executable program, the disassembler cannot perform the disassembly operation because the plaintext of the program cannot be obtained. However, the use of encryption technology for software protection faces two problems that must be solved: ① The encrypted software must be decrypted at runtime, which brings runtime overhead, which is more serious for large executable programs and has a longer startup time. delay. ②The program should be transformed into a binary code stream that the processor can understand. On the one hand, the information should be exposed to the processor, and on the other hand, it should be hidden from the attacker. This is a dilemma. Usually, the attacker's attack on the encrypted software is not an attack on the cryptographic algorithm, but cracks the self-boot program fragment of the software through reverse engineering, finds the key for decryption, or directly uses the self-boot program to decrypt the memory formed after the decryption. of the image.

Protecting software through encryption is an effective way to prevent pirates from cracking programs through reverse engineering. The traditional encryption protection method has a large cost of decryption at runtime, and because of the one-time decryption method, it is vulnerable to attacks and obtains the decrypted program image directly from the memory.

Contents of the invention

The purpose of the present invention is to provide a software encryption method based on an improved one-time pad random code book. The method of the present invention abandons the traditional one-step decryption method, and uses the real-time decoder to decrypt the software step by step with the function as the unit during operation, and only decrypts the necessary part in one operation, making it difficult for the attacker to obtain the complete decrypted program. Tampering and bypassing the software protection function in the undecrypted part enhances the anti-attack performance. In terms of operation effect, since the decryption is performed in a decentralized manner, the problem of long startup delay is solved. Compared with the traditional symmetric key encryption algorithm, the one-time pad encryption technology is used to further reduce the runtime overhead, so that the technology can run smoothly on the current processor. The method enhances the practicability of encryption-based software protection and increases the difficulty of cracking.

The technical scheme that the present invention realizes above-mentioned purpose of the invention adopted is as follows: the method comprises two processes of encryption and decryption, and the encryption process comprises the following steps:

a. Randomly select an encryption key in the improved one-time pad random code book for the current processing function, mark the function as encrypted in the global data structure "encrypted function table", and record the encryption key;

b. Add a springboard to the function before the function body;

c. Scan each instruction of the current processing function, do special processing for function calls, and add instructions for passing implicit parameters to it;

d. After scanning the instructions of the function body one by one, use the key generated in step a to encrypt the function body with an improved one-time pad random code book.

The decryption process is: when the software is running, each function is decrypted when it is called for the first time, and the real-time decoder is responsible for decrypting each function. The decrypted function body is still in the original position in the main memory, and then the function The springboard in front of the body is patched and removed, and when it is executed for the second time, the decrypted function body is directly executed without decrypting it again.

The one-time pad in the step a is a sufficiently large binary key pool K, whose size is N bytes, and the addressing of each byte is 0, 1, ..., N-1; this The keys in the binary key pool are N random numbers between [0, 255].

The selection process of the key in the step a is as follows: first generate a random number x between [0, N-1], use K[x] as the first byte of the key, and then according to the encrypted method body The binary code length of K[x] is selected, and if the end of the key pool is reached, the selection is continued from the beginning of the key pool until the key length is equal to the binary code length of the encrypted method body.

The implicit parameter in step c refers to the encryption key of the called function. If the called function has been encrypted and protected before then, the encryption key can be obtained from the global data structure "encrypted function table". If the calling function has not been encrypted, the recursive call algorithm first processes the called function.

The one-time pad used in the step d exists in the encrypted program in some form, which can be in the form of plain text or in the form of cipher text encrypted by using some encryption algorithm.

The specific key used for decryption in the decryption process (the starting position of the key in the garbled code book) does not exist in the code in the form of plain text, but is used as an implicit key when called by the caller of the decrypted function. formula parameters to provide.

Compared with common encryption method, the advantage of software protection method of the present invention is:

1. Uncover the secrets hidden in the software step by step with the function as a unit through the real-time decoder at runtime. Only the necessary part of one operation is decrypted, making it difficult for an attacker to obtain a complete decrypted program, and it is difficult to tamper with and bypass the software protection function in the undecrypted part, which enhances the attack resistance.

2. In terms of operation effect, since the decryption is carried out in a decentralized manner, the problem of long startup delay is solved. Compared with the symmetric key encryption algorithm, the one-time-pad encryption technology further reduces the runtime overhead, so that the technology can run smoothly on the current processor. The method enhances the practicability of encryption-based software protection and increases the difficulty of cracking.

3. The specific key used for decryption does not exist in the code in the form of plain text, but is provided as an implicit parameter by the caller of the decrypted function when calling. So only a caller who has decrypted a function can further decrypt the called function.

4. Instant decryption technology reveals the secrets hidden in the code step by step. During the execution of the software, the logic of unused software segments will not be revealed, which prevents the attacker from obtaining the image of the decrypted application program in the main memory through tools such as a debugger at one time.

5. The instant decryption technology only decrypts the codes needed in one run, and does not decrypt the codes that have not been run, which further reduces the time required for decryption. Compared with the traditional one-time decryption method, the decryption operation is divided into multiple times, which also effectively reduces the software startup time. Due to the use of the degenerated one-time pad garbled codebook for encryption and decryption, the decryption operation is only a simple XOR operation, and no obvious delay is felt even for interactive applications.

Description of drawings

Figure 1 is a schematic diagram of the decryption process;

Fig. 2 is a comparison diagram of running time overhead between this method and the traditional software encryption protection method.

Detailed ways

The present invention will be further described below in conjunction with accompanying drawing.

The method of the present invention realizes software encryption by using an improved one-time-pass random code book. One-time pad garbled codes use a large set of non-repeating true random key letters, which is called garbled codes. The method of the invention is to popularize the encryption algorithm of the one-time pad garbled code book, replace the one-time pad garbled code book composed of letters with the one-time pad garbled code book composed of binary numbers, and replace the addition of plaintext letters with XOR. When decrypting, it only needs to be XORed again against the one-time password garbled code book. When the encryption method is used to protect the software, the decryption is automatically completed when the software is running, so the decryption time takes up the running time of the software. With the one-time pad, the decryption operation is just a simple XOR operation. Compared with the traditional encryption algorithm, the decryption time is greatly improved. The improved one-time pad is a sufficiently large binary key pool K, whose size is N bytes, and the address of each byte is 0, 1, ..., N-1. The keys in this binary key pool are N random numbers between [0, 255]. Encryption and protection of software, with the function in the program as the unit, each function body is encrypted separately, and different keys are randomly selected in the key pool. The key selection process is as follows, generate a random number x between [0, N-1], take K[x] as the first byte of the key, and select K according to the binary code length of the encrypted method body If the subsequent bytes of [x] reach the end of the key pool, continue to select from the beginning of the key pool until the key length is equal to the binary code length of the encrypted method body. Assuming that there are F methods in the program, even if the attacker knows the principle of the encryption protection algorithm, if the key of each method cannot be obtained accurately, F×N trials are required to try to crack the software, and it is very difficult to determine whether the result of each trial is correct. Difficult to judge, so it cannot be done automatically. Since N is a large enough number, and F is generally large in an actual software, this makes the attempt to break the encryption infeasible in actual engineering. It is a good property of this algorithm that the protection of software does not depend on the secrecy of the algorithm.

The software encryption process is as follows, starting from the entry function of the software, and recursively proceeding in units of functions: ① Randomly select an encryption key for the current processing function, mark the function as encrypted in the global data structure "encrypted function table", and Record the encryption key. ② Add a springboard to the function before the function body. ③ Scan each instruction of the current processing function, do special processing for the function call, and add instructions for passing implicit parameters to it. This implicit parameter is the encryption key of the called function. If the called function has been encrypted before then, the encryption key can be obtained from the global data structure "encrypted function table". For the situation that the called function has not been encrypted yet, recursively call this algorithm to process the called function first. ④ After scanning the instructions of the function body one by one, use the key generated in ① to encrypt the function body with a garbled code book. The degenerated one-time pad garbled codebook exists in some form in the encrypted program. It can be in the form of plain text or in the form of cipher text encrypted with some encryption algorithm. The robustness of the present invention does not depend on keeping the secret of the garbled code book, because each method adopts different keys for encryption, even if the garbled code book is obtained, it is difficult to easily crack it. This is fundamentally different from the traditional method of using a key to encrypt software and relying on the secret of the key to prevent cracking. In the traditional encryption-based software protection method, the software is decrypted once when the software is self-booting. A significant weakness of this method is that the decrypted software exists in the main memory in the form of plain text, and it is easy for an attacker to obtain the decrypted software directly from the main memory through tools such as a debugger. The method of the present invention adopts the instant decryption technology, and each function performs the decryption operation when it is called for the first time, and after the decryption is completed, it is handed over to the processor for execution. The present invention adds a springboard in front of each encrypted function body to call the instant decoder. The real-time decoder is responsible for decrypting each function at runtime. The decrypted function body is still in the original location in the main memory, but the previous springboard has been patched and removed. When it is executed for the second time, the decrypted function is directly executed. Body, no need to decrypt again, as shown in Figure 1.

The specific key used for decryption (the starting position of the key in the garbled code book) does not exist in the code in the form of plain text, but is provided as an implicit parameter by the caller of the decrypted function when calling. So only a caller who has decrypted a function can further decrypt the called function. The real-time decryption technology reveals the secrets hidden in the code step by step. During the execution of the software, the logic of the unused software fragments will not be revealed, which prevents the attacker from obtaining the decryption through a debugger and other tools at one time. The application's image in main memory. The functions of modern software are powerful and complex. A software system can complete several main functions, and only a part of the functions are used in one run of the software. And a large part of the logic in the software is used to handle various exceptions and exceptions, and these codes do not run normally. This ensures that an attacker can hardly decrypt the software completely even if the software is run many times. In the undecrypted code, the program fragments used for software legality self-check and self-destruction can be hidden. If these program fragments are not successfully removed by pirates, the use value of pirated illegal copies will be greatly reduced. Modern software is huge, and the instant decryption technology only decrypts the codes needed in one run, and does not decrypt the codes that have not been run, which further reduces the time required for decryption. Compared with the traditional one-time decryption method, the decryption operation is divided into multiple times, which also effectively reduces the software startup time. Due to the use of the degenerated one-time pad garbled codebook for encryption and decryption, the decryption operation is only a simple XOR operation, and no obvious delay is felt even for interactive applications.

In order to verify the advantages of degenerate one-time pad garbled software encryption technology and on-the-fly decryption technology in terms of runtime overhead, it is compared with traditional software encryption protection methods. Application images of different sizes were selected to examine the feasibility of applying this technology to applications of different sizes. For the encryption algorithm used, the degenerate one-time pad garbled encryption proposed in this paper, standard DES, 3DES is adopted. And did not use algorithms such as RSA based on the public key, this is because the RSA algorithm implemented by software is 100 times slower than the DES algorithm [2], and the runtime overhead is too large. The computer using AMD Athlon XP 2500+ processor and 512 MDDR memory is the test platform, and the DES and 3DES algorithms are realized by the efficient software of cryptlib. The obtained test data are shown in Figure 2. Among them, DES, 3DES, and OTP respectively correspond to the total time of one-time decryption using the corresponding algorithm, and the subsequent columns correspond to the average time of decrypting a function using JIT (Just-In-Time, runtime compilation and execution) method. For modern microprocessors, its computing power is already very powerful. There are good experimental results for the decryption time of symmetric key encryption and one-time pad encryption. For smaller applications, even using DES/3DES to encrypt and decrypt once will not bring a large startup delay. For larger applications, using DES/3DES for encryption and one-time decryption will cause a slight delay, which shows that the one-time password random code book is about 3 times and 9 times faster than DES and 3DES respectively. The use of instant decryption can greatly shorten the start-up delay, and the start-up delay is not obvious when using the above three algorithms. The time to decrypt each function varies according to the encryption algorithm used, and the one-time-pass random code book is the shortest. For interactive applications, use the one-time pad garbled encryption JIT decryption method, and there is no sense of stagnation during operation. For symmetric key encryption, if JIT is used for decryption, there may occasionally be a sense of stagnation during operation, which is the delay caused by centralized decryption.

Claims (6)

1, a kind of method for protecting software based on improved One-time pad, this method comprise two processes of encryption and decryption, it is characterized in that: described ciphering process step is as follows:

A. for working as pre-treatment function picked at random encryption key in improved One-time pad, the encrypted processing of this function of mark in global data structures " encryption function table ", and recording of encrypted key;

B. before function body, add a springboard for function;

C. scanning is done special processing for function call, for it increases the instruction of transmitting the implicit expression parameter when each bar instruction of pre-treatment function;

D. one by one behind the end of scan, use the key that produces among the step a to use improved One-time pad to encrypt to the instruction of function body to function body;

Described decrypting process is: when running software, each function is decrypted operation invoked the time when the 1st time, the instantaneous decoding device is responsible for deciphering each function, function body after the deciphering is original position in main memory still, then the springboard of function body front being stamped patch removes, when carrying out for the 2nd time, directly carry out the function body after deciphering, need not decipher once more.

2, method for protecting software according to claim 1 is characterized in that the One-time pad among the described step a is an enough big binary keys pond K, establishes its size for N byte, each byte be addressed to 0,1 ..., N-1; Key in this binary keys pond is N the random number between [0,255].

3, method for protecting software according to claim 1 and 2; it is characterized in that key among the described step a to choose process as follows: at first generate one [0; N-1] between random number x; with k[x] as first byte of key; according to the binary coding length of encrypted method body, choose K[x then] subsequent byte, if arrive the ending of pool of keys; then continue to choose, equal the binary coding length of encrypted method body up to key length from the starting position of pool of keys.

4, method for protecting software according to claim 1; it is characterized in that implicit expression parameter among the described step c is meant the encryption key of the function that is called; the encrypted before this protection of function if be called; then encryption key can obtain from global data structures " encryption function table "; also do not have encrypted situation for the function that is called, this algorithm of recursive call is at first handled the function that is called.

5, method for protecting software according to claim 1; One-time pad after it is characterized in that in the described steps d using is present in the middle of the program after the encryption with certain form; can also can exist with form expressly to use the ciphertext form after certain cryptographic algorithm is encrypted.

6, method for protecting software according to claim 1; it is characterized in that the concrete key (key is in the reference position of clobber book) that is used for deciphering in the described decrypting process does not exist in code with form expressly, but when calling, provide as an implicit expression parameter by decrypted function calls person.

Images