Key protecting method and system in Android environment

Abstract

The invention discloses a key protection method and system in an Android environment, which realizes file protection through key transparent encryption and decryption operations on the Android platform, including generating an encryption path directory table and an identity verification file respectively; scanning the encryption path directory table, and performing Initialize encryption for the first time; when the user triggers an unlock screen event, perform a hash algorithm operation on the passphrase used to lock the screen and compare it with the authentication file; convert the passphrase into a key using the Shal algorithm and store it; when the user Send a write request, call the key to encrypt the file; when the user sends a read request, call the key to decrypt the file; when the user triggers the lock screen event, clear the key and lock the screen. The present invention adopts the combined lock interface to reduce the impact on user operations as much as possible, and realizes key protection for system files that are blocked externally and unobstructed internally.

Description

technical field [0001] The invention relates to the technical field of information security, in particular to a key protection method and system in an Android environment. Background technique [0002] With the rapid development of science and technology, electronic devices such as computers, the Internet, and smart phones are available everywhere, digital information such as TV, movies, music, and pictures are widely disseminated, and devices such as smart cards, mobile tokens, and wireless sensor networks are widely used. , so that people have more and more ways to access secret information, so that the use environment of cryptographic algorithms is no longer pure and credible. For example, if a user runs a digital media playback software on his own machine, which decrypts encrypted digital information and plays it, then the operating environment of these software is likely to be unsafe, because the decryption process of the software is vulnerable to attacks. The person (...

AI Technical Summary

Problems solved by technology

[0006] Most of the current examples of white-box cryptography technology are white-box implementations of known cryptographic algorithms, such as white-box AES implementation and white-box DES implementation. The execution of the program makes it impossible for the white-box attacker to obtain the key information faster than the exhaustive search even if the white-box attacker can observe the query of the entire lookup table, so as to resist the white-box attack

However, it turns out that the effect of this method is currently not satisfactory.

[0007] Some existing Android key protection systems directly apply the idea of ​​personal computer key protection systems to mobile devices, ignoring platform differences; mobile devices mainly emphasize user experience, not just function realization, and these key protection systems frequently Require users to enter a password, choose to encrypt and decrypt files, which reduces the convenience of the device

On the other hand, although the existing transparent encryption and decryption system reduces the impact on user operating habits, the security protection work is not comprehensive, and its deficiencies include:

[0008] (1) Due to permission issues, the specific directory cannot be protected, and the files on the SD card cannot be protected (and the SD card is an important storage location for user data);

[0009] (2) Only files in a specified format can be protected;

[0010] (3) Due to the low degree of integration with the system, they are extremely vulnerable to attacks;

[0011] (4) Compatibility and scalability are low, and only some specific versions of the system can be supported

Images