Various encryption scheme analysis
Current software encryption methods are varied, and it is impossible to find a classification method to distinguish all of the various encryption schemes. Basically, it can be divided into encryption schemes that depend on a particular hardware and an encryption scheme that does not rely on hardware.
First, relying on hardware encryption scheme
Floppy disk encryption
This is the most old encryption plan on the computer, which is the principle to write some information in the special location of the floppy disk, and the software is verified when running. This type of floppy is like a key. Software developers can use a set of encryption tools at a time to buy a plurality of keyboards. This method is simple, low cost, and it can see its flash point in different periods of software development. However, because the floppy drive is a slow device, the encryption point on the floppy disk will be greatly dragging the running speed of the process, so the general encryption software only checks once when the software is started, so that users can not be used to start with a Dip. Software. And because the floppy disk is a lossable carrier, the repeated read and write of the encryption software is easily damaged by the floppy disk encryption point. And this encrypted disk cannot be backed up, and the software company should constantly pay the user to replace the card. In addition, since this encryption technology has appeared earlier, hard solution density technology is relatively mature, like two King-Copy software to copy most encrypted floppy disks, connect the encryption point to copy, and the floppy disk after copying is also encrypted.
2. Card encryption
In the early 1990s, various Samca emerged, and the card encryption technology was also popular. This encryption technology is now rare to see due to various problems.
3. Software lock encryption
Software lock encryption first appeared abroad, it is a device inserted on a computer printing entrance, and the domestic commonly known as "encrypted dog". There must be some data and algorithms in the encryption lock, and the computer can communicate with it to obtain data, or perform some calculation by encryption lock. Software cannot leave the plus lock. Since it does not want to open the computer's chassis, it can be accessed at any time like encryption card, and the access speed is very fast, so a launch is favored by software developers. Currently, all encryption locks provide programmable interfaces. The user can control the contents in the encryption lock, and access the encrypted lock in the program. Foreign encryption locks generally only provide several algorithms, but good encryption locks can not only provide encryption algorithms to customers, but also allow customers to customize the encryption algorithm according to their own will, allow customers to customize user ID numbers ... such as Beijing Feitian Integrity Technology The Rockey-IV lock launched by the company (Website: www.rockey.com.cn) is a high encryption intensity (see Figure 1). However, the encryption lock is also lacking. Because the encryption lock is used by the computer's printhead, the printing port is designed for the printer, and the software lock is guaranteed to ensure the correct operation of the user, but also guarantees the printer work. normal. However, because the printer driver design is thousands of differences, there is no other encryption lock to do this.
But this problem now has a thorough solution, that is, the encryption lock of the USB interface. The encrypted lock of the USB interface not only has all the advantages of the parallel lock, but there is no printed problem, and its prospects are very optimistic. However, there is only Windows 98 and Windows 2000 to support USB devices. A Rockey-USB encryption lock launched by Beijing Feitian Integrity Technology (see Figure 2) The security is superior to foreign products, while the price is far lower than foreign products.
Since the software lock encryption is currently the mainstream program of software encryption, it is necessary to tell the safety issues of software lock encryption.
First study from the hardware of the software lock. The earlier software lock is not easy to crack due to insufficient encryption of hardware. In the last year's software lock design, most of the low voltage CPU-based design, the program inside the CPU is written by the software lock manufacturer, and since the program inside the CPU is written and cannot be modified, unreadable, security It is also relatively high, and because the CPU program is written by software lock manufacturers, the manufacturers can modify the internal procedures inside the software locks according to their own requirements, and the flexibility is also relatively high. Second, we consider the software lock software. In fact, most hackers attack is just software locks and customers' software, truly from hardware perspectives to crack software locks. From the structure, a software that uses software locks to encrypts three parts: 1) Software lock driver section; 2) Software lock provides specific language modules that communicate with the driver (.obj, .dll) ...); 3) Customer software part. The first two parts are completed by the software lock manufacturers, all have varying degrees of encryption and anti-tracking ingredients, which is not easy to decrypt. The customer software part is relatively simple, often the main part of the hacker attack. The software lock has a lot of use, and there is a problem with any one, which will cause the entire encryption program failure. The customer's way of use is often the key to encryption, if a software lock can finally come up with a certain condition, then once it is skipped here, the entire encryption will lose its role. Planning a set of true effects of enlightening programs to better play the protection of software locks.
4. CD encryption
Since there is a floppy disk encryption, why can't you have CD encryption? However, there are some problems in actual operation, because the disc has ISO9660 standard protocol stipulations, which can be controllable than the floppy disk. It is really difficult to find a way to run without replication. But now there is still a few such products come out, and the encryption method is not the same. Its main principle is that some feature information on a special disc parent drive is non-reproducible, and these feature information is mostly non-aggregated on the disc, and the places where the disc is copied when copying. Because the input is a one-time, the cost can be lowered to a large-scale production. And software data and encryption are undoubtedly very convenient to users on the same carrier. But this is a newer encryption program, many aspects need to be further verified. And due to the limited encryption method, it is impossible to implement this encryption on the disc that is burn itself, it must be the disc production of the production line to be realized. This is still difficult for some small-scale software manufacturers, and because of the readiness of the disc, once encrypted is wrong, it cannot be repaired.
Second, no relying on hardware encryption plan
All encryption programs with additional hardware devices have certain encryption costs inside, and for those prices of high software, it doesn't matter, but for those who share software or price itself, hardware encryption costs may be more than software. The price of itself is also high, so many soft encryption programs have been produced in recent years.
Password table encryption
The start of software is required to enter a specific answer according to the screen's prompt information, and the answer is often in a copy of the anti-printed password table on the user manual. The user can continue to run after the password is correct. This encryption scheme is simple and does not require too much cost. However, users must find a password each time the software is running, which is not avoided. Most of the games like Taiwan use this encryption method. Moreover, there are often some patients entering the entire password table into the computer, which is published with the software piracy, so that the encryptor doesn't help. Basically, a way of encrypting the gentleman does not prevent the small people.
2. Serial number encryption
This encryption method is not a complete set of encryption from a set of angles. Many ShareWare (shared software) today use this encryption method. The user's trial period does not pay, once the trial expires I hope to continue using this software, you must go to the software company to register, and then the software company will generate a serial number based on the information you submit (usually the user's name). When you receive this serial number, it is running in the software. When you enter it, the software will verify that your name and serial number is correct. If you correctly explain that you have purchased this software, there is no date limit. This encryption scheme is simple, and the purchase process is fully implemented on the Internet, both developers and buyers feel very convenient. However, people who have the heart may have noticed that the authentication between the software's name and the serial number is done on your computer. Many hackers use this vulnerability to find the translation relationship between the name and serial number, write a call. Keymaker's program, you only need to enter your name, this program will help you calculate the serial number, turn your name and this serial number into the software into the genuine software. And there is no better way to prevent the user from proliferating the serial number after the registration. 3. License encryption
In this way, from a variety of varieties encrypted from an angle, you can't use it directly from online or purchased software, and the software will detect your computer when installing or running. And generate a specific fingerprint of your computer according to the test results, this fingerprint can be a small file, or a string who can't understand, you need to put this fingerprint data through Internet, E-mail, phone, fax When sending to the developer, the developer will give you a registration code or registration file according to this fingerprint, you get this registration code or registration file and follow the steps of the software to complete the registration after your computer. The sale of this method is also performed through the network, and the software purchased by the user is limited to run on his own computer, in other computers, this registration code or registration file may no longer be effective. However, users can replace certain hardware devices may also cause the registration code to fail, and the user gets the software after completing the registration work. It is not available.
Main technology involved in encryption programs
Case encryption
The word "shell" is estimated to be the original Chinese, I think it is more vivid, it means to add a housing to the executable file. The user executive is actually the program of this housing, and this shell is responsible for uncontrolling the user's original program in the memory, and puts the control right to the unproven real program, because everything is in memory Operation, the user does not know if it doesn't know its running process and there is no impact on the execution speed.
If you add a verification section of the software lock or key disc in the housing program, it is the case we said. In fact, the role of the shell encryption is more than this. There are many programs on the Internet, which is designed specifically to the case, it is compressed or not compressed in the program, and its main feature is in turn tracking, encrypting code, and data to protect you. The integrity of the program data. If you don't want your program code being modified by hackers, if your program does not want to be tracked, if your algorithm does not want to be static by others, this shell is designed for you.
It should be noted that there are many online free shell encryption programs compatibility, and the encrypted program cannot run in some computers or some operating systems.
2. Mathematics algorithm in serial number encryption
Most software encryption itself is a programming skill. However, in recent years, with the popularity of serial number encryption, mathematics algorithms are more and more large.
Let's first take a look at the working principle of serial number encryption on the Internet. When the user downloads a ShareWare-shared software from the network, there is generally limited time limit. After the trial period of shared software, you must go to this software to register and continue to use. The registration process is generally the user to tell the software company with the credit card number, and the software company will calculate a sequence code according to the user's information. After the user gets this sequence code, according to the registration needs Steps Enter the registration information and registration code in the software. The legality of its registration information is passed by software authentication, and the software will cancel the various restrictions of itself. The legality process of the software verification serial number is actually the process of verifying whether the translation relationship between the user name and the serial number is correct. The existing serial number encryption algorithm is mostly designed by software developers, most of which are quite simple. And some algorithms authors have a lot of work, but the effect often does not meet the results it hopoules. In fact, there are many ready-made encryption algorithms that can be used, such as RSADES, MD4, MD5 ... only these algorithms are used for encrypted ciphertext or passwords, and the same serial number is encrypted, if you want to use these encryption algorithms, how much Moving a brain. I have tried here, I hope there is a role of throwing jade:
1) There is a ciphertext S in the software program;
2) Key = f (user name, serial number); (get a key with the binary algorithm above)
3) Ming Text D = F-DES (Cipheet S, Key); (Decipient secret text D)
4) CRC = F-CRC (plaintext d); (for various CRC statistics for the obtained clear text)
5) Check if the CRC is correct, it is best to design several CRC algorithms, check if multiple CRC results are correct.
In this way, there is no correct serial number in the case where there is no known correct serial number.
3. Explain, compile and compile
If you design a unique algorithm that does not want others to know, the encryption method used is often a big relationship with your programming language. It can be said that it has advantages and disadvantages for the interpretation of code security in the interpretation language and compiling languages. The explanation language has a fatal weak point, that is, the program code to explain the language is stored in a pseudo code. Once the person is found, it is easy to make an anti-compiler out of the corresponding relationship between the pseudo code and the source code. Your source is equal to being disclosed. Because the compile language is directly compiled into a machine code, it is difficult to return to your source program from the program, but it is easy to track you for the decryptt of the assembly language. The code to determine the use of certain code.
According to my understanding of various language with anti-compiler, Visual Basic 5.0 or above and C language have no anti-compiler. my suggestion is:
1) Don't prepare a powerful subroutine. If you can print a subroutine, I don't need to see something else.
2) Multi-purpose global variables, preferably global temporary variables, this variable is different in each subroutine, the program structure may not be very good, but it can cause it to move the effect.
3) If you can use C , try to use C to program it, it is best to implement your algorithm all class, even if it is a addition subtraction, it defines a class, then inherits the inheritance of the inheritance from the subclass.
4) Compiled procedures cannot be less than 500KB.
4.CPU, operating system and programming language
