Unlock instant, AI-driven research and patent intelligence for your innovation.

Protection method of authentication information generation algorithm and terminal

A technology for generating algorithms and authentication information. It is used in digital data authentication, program/content distribution protection, and computing. It can solve problems such as the inability to protect Token generation algorithms, and achieve the effect of ensuring security.

Active Publication Date: 2021-04-06
XIAMEN MEIYA PICO INFORMATION
View PDF6 Cites 1 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0005] Both methods are generated by string splicing, data formula calculation and message digest algorithm. Although different APPs will use different algorithm combinations and formulas to generate token (Token) values ​​that cannot be copied and reused, some application tools can Directly see the specific encryption logic, so the Token generation algorithm cannot be protected

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Protection method of authentication information generation algorithm and terminal
  • Protection method of authentication information generation algorithm and terminal
  • Protection method of authentication information generation algorithm and terminal

Examples

Experimental program
Comparison scheme
Effect test

Embodiment 1

[0057] Please refer to figure 1 , a method for protecting an authentication information generation algorithm, comprising the steps of:

[0058] Encapsulate the authentication information generation algorithm to be protected through the preset programming language;

[0059] Compiling the encapsulated authentication information generation algorithm to generate binary code;

[0060] placing the binary code in a preset code segment and encrypting it;

[0061] Specifically: Encrypt the compiled authentication information generation algorithm through a symmetric encryption algorithm, where the symmetric encryption algorithms used include: DES, 3DES, AES, SM4, Blowfish, IDEA, RC4, RC5, RC6 and XXTEA;

[0062] placing the encrypted signature information in the preset code segment;

[0063] This embodiment provides a specific application scenario:

[0064] When the authentication information generation algorithm to be encrypted is the Android APP signature generation algorithm, the...

Embodiment 2

[0067] Please refer to Figure 4 , the difference between this embodiment and Embodiment 1 is that how to call the encrypted authentication information generation algorithm is specifically limited:

[0068] Receive authentication information generation algorithm call request;

[0069] Invoke a request to the preset code terminal to obtain encrypted signature information corresponding to the authentication information generation algorithm according to the authentication information generation algorithm;

[0070] Verify the signature information, if the verification is successful, obtain the encrypted authentication information generation algorithm and the corresponding decryption algorithm, specifically: develop a dynamic link library in advance, and set it in the process array section of the dynamic link library An encryption section (section.encry) loading function, through which the signature information corresponding to the encrypted authentication information generation a...

Embodiment 3

[0082] Please refer to Figure 6 , a protection terminal for an authentication information generating algorithm, comprising a memory, a processor, and a computer program stored on the memory and operable on the processor, and the processor implements the first or second embodiment when executing the computer program Each step in the protection method of the authentication information generation algorithm described above.

[0083] In summary, the invention provides a protection method and terminal for an authentication information generation algorithm, which encapsulates and compiles the authentication information generation algorithm to be protected, generates binary code, and then places the compiled binary code in a specific code section is encrypted, and then the encrypted signature information is placed in the preset code section. By encrypting the authentication information generation algorithm, the authentication information generation algorithm is generated into a binar...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The invention discloses a protection method of an authentication information generation algorithm and a terminal. The protection method includes: packaging the authentication information generation algorithm to be protected through a preset programming language; compiling the encapsulated authentication information generation algorithm to generate a binary code; placing the binary code in a preset code segment, and encrypting the binary code; arranging the signature information obtained after encryption in the preset code segment; and packaging, compiling and encrypting the authentication information generation algorithm in sequence, generating an isomerized and loaded binary system by the authentication information generation algorithm, interrupting analysis of the authentication information generation algorithm by a decompilation tool so that a code decompilation tool is made to have errors in function recognition and syntax tree recognition, and the characteristics of the authentication information generation algorithm cannot be identified. By means of the method, the situation that the authentication information generation algorithm is restored by a decompiled tool is avoided,so that it is guaranteed that the authentication generation algorithm cannot be analyzed through static analysis, and therefore the safety of the authentication information generation algorithm is guaranteed.

Description

technical field [0001] This application relates to the field of computer information security, in particular to a protection method and terminal for an authentication information generation algorithm. Background technique [0002] With the development of mobile technology and the popularization of distributed Android applications, the traditional session control (session) authentication user login method is becoming more and more expensive and less secure, resulting in the most popular cross-domain authentication The solution is JWT (JSON Web Token) signature. At this stage, most APP authentication methods are based on generating JWT signatures for login authentication. So far, there are two main ways to generate signatures, one is generated in Java logic, and the other is generated by JNI (Java Native interface, Java local interface) calls. [0003] Since Java is a cross-platform programming language, its source code (.java file) will be compiled into a platform-independen...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
Patent Type & Authority Applications(China)
IPC IPC(8): G06F21/44G06F8/41G06F21/12G06F21/14
CPCG06F21/44G06F8/41G06F21/125G06F21/14G06F21/107
Inventor 童凯张磊孙林泽杜新胜张辉极
Owner XIAMEN MEIYA PICO INFORMATION