SDK security enhancement method

A security and algorithm technology, applied in computer security devices, program/content distribution protection, instruments, etc., can solve problems such as low security intensity, data security threats, security risks, etc., to improve management security and reduce key leakage. risk effect

Pending Publication Date: 2021-07-09
沈阳微可信科技有限公司
0 Cites 0 Cited by

AI-Extracted Technical Summary

Problems solved by technology

[0006] At present, the methods of splitting or obfuscation are mainly used to protect the SDK default key, and its security strength is low. Attackers can steal the SDK default key at will, which brings...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Method used

In summary, by means of the above-mentioned technical scheme of the present invention, by applying white-box cryptography to the encryption and decryption key protection of SDK, the default key of SDK is ...
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Abstract

The invention discloses an SDK (Software Development Kit) security enhancement method, which comprises the following steps of: generating a white-box password corresponding to an SDK default key, and generating the white-box password through a white-box password algorithm by taking the SDK default key as input; then putting the lookup table of the white-box password and a cryptographic API (Application Program Interface) into an SDK (Software Development Kit); replacing a cryptographic AP using an SDK default key in the SDK with a cryptographic API in the white-box password; and finally, releasing the SDK again. According to the invention, the white-box cryptography technology is applied to encryption and decryption key protection of the SDK to protect the default key of the SDK, so that the security of the default key of the SDK can be ensured in a white-box attack environment, the risk of key leakage is effectively reduced, and the management security of the key is improved.

Application Domain

Technology Topic

Key leakageSoftware development +8

Image

  • SDK security enhancement method

Examples

  • Experimental program(1)

Example Embodiment

[0021] Next, the technical solutions in the embodiments of the present invention will be apparent from the embodiment of the present invention, and it is clearly described, and it is understood that the described embodiments are merely embodiments of the present invention, not all of the embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those of ordinary skill in the art are in the scope of the present invention, in order to facilitate the understanding of the above technical solutions of the present invention, the above techniques of the present invention will be described below. The solution will be described in detail.
[0022] Such as figure 1 As shown, an SDK security enhancement method according to an embodiment of the present invention, including the first white box password corresponding to the SDK default key, with the SDK default key is input, for example: unsigned char key [16] = { 0xE8, 0xA4, 0X50, 0x1B, 0XA4, 0x21, 0x86, 0xc0, 0x8d, 0x65, 0x2, 0x34, 0x5f, 0xbc, 0x34, 0x70}, with a white box password SM4 algorithm with 128-bit key length as an example, The white box password SM4 algorithm generates a white box password, the white box password SM4 algorithm is an algorithm that protects the key security in a white box attack environment, which is divided by the password algorithm structure, encodes, checksum, and affine Transform, etc., hide the key information in the lookup table to prevent the attacker from obtaining key information; the finally generated white box password is a lookup table that hides key information and a password API, mainly for white box password integrated.
[0023] The cryptography API is:
[0024] / **
[0025] * \ param [in] Plain_Text to Be Encrypt Data.
[0026] * \ param [in] plain_text_len _text to be encrypt Data Length.
[0027] * \ param [in] IV input iv.
[0028] * \ param [in] IV_len Input IV Length.
[0029] * \ Param [out] cipher_text out buffer used to receive encrypted data.
[0030] * \ param [out] cipher_text_len out data longth.
[0031] * /
[0032] INT UT_PF_WBOX_CTR (const unsigned char * plain_text,
[0033] Const unsigned int plain_text_len,
[0034] Const unsigned char * iv,
[0035] Const unsigned int iv_len,
[0036] Unsigned char * cipher_text,
[0037] unsigned int * copher_text_len) ;.
[0038] After the white box password is generated, it needs to be integrated with a white box password. The integrated white box password is to put the lookup table and cryptographic API of the white box password into the SDK; replace the SDK default key with a cryptographic API Cipher API in white box password.
[0039] Finally, the SDK after the security enhancement is re-issued on the platform.
[0040] The safety enhanced SDK method of the present invention is an independent module. It is easy to integrate into the SDK. It has easyibility, the present invention and the hardware platform and the operating system have independent. It has good portability, which can significantly improve the security of SDK, for each The supply chain security in the industry provides guarantees.
[0041] In summary, by means of the above-described technical solution of the present invention, the SDK default key can be guaranteed in a white box attack by applying a white box password technology to an add-encycloped key protection of the SDK, protects the SDK default key in a white box attack. Safety, effectively reduce the risk of key leaks and improve the management security of the key.
[0042] It is only the preferred embodiments of the present invention, and is not intended to limit the invention, any modification, equivalent replacement, improvement, etc. according to the spirit and principles of the present invention, should be included in the present invention. Within the protection range.
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

PUM

no PUM

Description & Claims & Application Information

We can also present the details of the Description, Claims and Application information to help users get a comprehensive understanding of the technical details of the patent, such as background art, summary of invention, brief description of drawings, description of embodiments, and other original content. On the other hand, users can also determine the specific scope of protection of the technology through the list of claims; as well as understand the changes in the life cycle of the technology with the presentation of the patent timeline. Login to view more.
the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to view more

Similar technology patents

VOIP call encryption method and terminal

Owner:深圳市恒达移动互联科技有限公司

A method and system for temporarily manage an intelligent device

PendingCN109472125AImprove management efficiencyImprove management securityDigital data authenticationManagement efficiencyIntelligent equipment
Owner:GUANGDONG XIAOTIANCAI TECH CO LTD

Data processing method and device, equipment and machine readable medium

PendingCN111400726AImprove securityReduce the risk of key compromiseDigital data protectionInternal/peripheral component protectionMachine-readable mediumData processing
Owner:BANMA ZHIXING NETWORK HONGKONG CO LTD

Air conditioning module anti-counterfeiting method, operation control device and air conditioning equipment

PendingCN113432266AReduce the risk of key compromiseReduce chances of counterfeit useMechanical apparatusDigital data protectionKey leakageEncryption
Owner:FOSHAN SHUNDE MIDEA ELECTRONICS TECH CO LTD +1

Classification and recommendation of technical efficacy words

  • Reduce the risk of key compromise
  • Improve management security

VOIP call encryption method and terminal

Owner:深圳市恒达移动互联科技有限公司

Data processing method and device, equipment and machine readable medium

PendingCN111400726AImprove securityReduce the risk of key compromiseDigital data protectionInternal/peripheral component protectionMachine-readable mediumData processing
Owner:BANMA ZHIXING NETWORK HONGKONG CO LTD

Air conditioning module anti-counterfeiting method, operation control device and air conditioning equipment

PendingCN113432266AReduce the risk of key compromiseReduce chances of counterfeit useMechanical apparatusDigital data protectionKey leakageEncryption
Owner:FOSHAN SHUNDE MIDEA ELECTRONICS TECH CO LTD +1
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Try Eureka
PatSnap group products