[go: up one dir, main page]

CN103761456B - A kind of anti-method cracking of monolithic microcomputer kernel code - Google Patents

A kind of anti-method cracking of monolithic microcomputer kernel code Download PDF

Info

Publication number
CN103761456B
CN103761456B CN201310475562.7A CN201310475562A CN103761456B CN 103761456 B CN103761456 B CN 103761456B CN 201310475562 A CN201310475562 A CN 201310475562A CN 103761456 B CN103761456 B CN 103761456B
Authority
CN
China
Prior art keywords
code
ciphertext
plaintext
core
chip microcomputer
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Withdrawn - After Issue
Application number
CN201310475562.7A
Other languages
Chinese (zh)
Other versions
CN103761456A (en
Inventor
沈秀清
陈维哲
王鲁克
储祝君
陈冰
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Lierda Science & Technology Group Co Ltd
Original Assignee
Lierda Science & Technology Group Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Lierda Science & Technology Group Co Ltd filed Critical Lierda Science & Technology Group Co Ltd
Priority to CN201310475562.7A priority Critical patent/CN103761456B/en
Publication of CN103761456A publication Critical patent/CN103761456A/en
Application granted granted Critical
Publication of CN103761456B publication Critical patent/CN103761456B/en
Withdrawn - After Issue legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • G06F21/125Restricting unauthorised execution of programs by manipulating the program code, e.g. source code, compiled code, interpreted code, machine code

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

本发明公开了一种单片机核心代码防破解的方法。它包括以下步骤:在单片机执行代码过程中,当执行到密文代码所在的特定存储区域时,MPU内存保护模块产生一个中断,在中断中,采用AES模块将密文代码解密成明文代码,CRC校验正确后,将明文代码回传到特定存储区域,中断返回,单片机执行特定存储区域的明文代码,代码执行完毕后,AES模块将特定存储区域的明文代码加密成密文代码,CRC校验正确后,将密文代码回传到特定存储区域。本发明使单片机内的核心代码以密文的形式存在,即使破解者使用侵入式方式破解了单片机,将单片机内核心代码读出,也无法将密文形式的核心代码翻译成明文,从而保护了核心代码。

The invention discloses a method for preventing cracking of the core code of a single-chip microcomputer. It comprises the following steps: in the single-chip microcomputer execution code process, when executing to the specific storage area where the ciphertext code is located, the MPU memory protection module generates an interrupt, and in the interrupt, the ciphertext code is decrypted into a plaintext code by the AES module, CRC After the verification is correct, the plaintext code is returned to the specific storage area, the interrupt returns, and the MCU executes the plaintext code in the specific storage area. After the code is executed, the AES module encrypts the plaintext code in the specific storage area into a ciphertext code, and the CRC check After being correct, return the ciphertext code to a specific storage area. The invention enables the core code in the single-chip microcomputer to exist in the form of cipher text, even if the cracker uses an intrusive method to crack the single-chip microcomputer and reads the core code in the single-chip microcomputer, the core code in the form of cipher text cannot be translated into plain text, thereby protecting core code.

Description

一种单片机核心代码防破解的方法A method for anti-cracking of single-chip microcomputer core code

技术领域technical field

本发明涉及单片机代码保护技术领域,尤其涉及一种单片机核心代码防破解的方法。The invention relates to the technical field of code protection of single-chip microcomputers, in particular to a method for preventing cracking of core codes of single-chip microcomputers.

背景技术Background technique

现在市面上对单片机的破解技术层出不穷,主要有两种方式:非侵入式和浸入式。非侵入式的方式是利用芯片设计或者芯片编程时序中的某些漏洞对芯片进行破解。当然随着芯片设计行业的发展,该种情况也会越来越少。侵入式的方式是破坏芯片的封装,利用半导体测试设备,显微镜和微定位器等仪器找到芯片保护熔丝的位置并将其修复,使其变成未经加密的芯片,然后用专用编程器将程序读出,或者直接将探针放在芯片内部总线上读出存储器中的程序。Now there are endless cracking technologies for single-chip microcomputers on the market, and there are mainly two methods: non-intrusive and immersion. The non-intrusive method is to crack the chip by exploiting certain loopholes in the chip design or chip programming sequence. Of course, with the development of the chip design industry, such situations will become less and less. The intrusive way is to destroy the package of the chip, use semiconductor testing equipment, microscopes and micropositioners and other instruments to find the position of the chip protection fuse and repair it, making it an unencrypted chip, and then use a special programmer to reset Program reading, or directly put the probe on the internal bus of the chip to read the program in the memory.

中国专利公开号CN1971470A,公开日2007年5月30日,发明的名称为一种采用多用途辅助单片机的系统加密方法,该申请案公开了一种采用多用途辅助单片机的系统加密方法,它是在多位处理器系统中,取功能相对简单、软件程序量小的辅助微处理器用带内置烧死程序存储器的单片机替代,在主处理器程序和辅助单片机程序中增加按照约定加密协议算法的密码校验,使得程序不能够被读出而无法复制,从而达到系统加密的目的。其不足之处是,该单片机内的代码是明码,破解者可通过侵入式的方式进行破解,将单片机内的明文代码读取出来,从而还原成高级语言,掌握核心技术。Chinese Patent Publication No. CN1971470A, published on May 30, 2007, the name of the invention is a system encryption method using a multi-purpose auxiliary single-chip microcomputer, the application discloses a system encryption method using a multi-purpose auxiliary single-chip microcomputer, which is In a multi-bit processor system, the auxiliary microprocessor with relatively simple functions and small software programs is replaced by a single-chip microcomputer with a built-in burn-out program memory, and a password according to the agreed encryption protocol algorithm is added to the main processor program and the auxiliary single-chip computer program. Verification, so that the program cannot be read and cannot be copied, so as to achieve the purpose of system encryption. Its shortcoming is that the code in the single-chip microcomputer is a clear code, and the cracker can crack it in an intrusive way to read the plain text code in the single-chip microcomputer, thereby restoring it to a high-level language and mastering the core technology.

发明内容Contents of the invention

本发明的目的是克服目前单片机容易被侵入式方式破解的技术问题,提供了一种单片机核心代码防破解的方法,其使单片机内的核心代码以密文的形式存在,即使破解者使用侵入式方式破解了单片机,将单片机内核心代码读出,也无法将密文形式的核心代码翻译成明文,从而保护了核心代码。The purpose of the present invention is to overcome the technical problem that the current single-chip microcomputer is easily cracked by an intrusive method, and provides a method for preventing the core code of the single-chip microcomputer from cracking, which makes the core code in the single-chip microcomputer exist in the form of cipher text, even if the cracker uses an intrusive method The method cracked the single-chip microcomputer, and the core code in the single-chip microcomputer was read out, and the core code in the form of cipher text could not be translated into plain text, thereby protecting the core code.

为了解决上述问题,本发明采用以下技术方案予以实现:In order to solve the above problems, the present invention adopts the following technical solutions to achieve:

一种单片机核心代码防破解的方法,所述单片机带有MPU内存保护模块、AES便件加速模块、DMA模块和CRC模块,包括以下步骤:A kind of anti-cracking method of single-chip microcomputer core code, described single-chip microcomputer has MPU memory protection module, AES file acceleration module, DMA module and CRC module, comprises the following steps:

S1:预先对单片机内需要保护的核心代码进行初始加密,将核心代码通过AES加密算法加密成密文代码,同时将该密文代码进行备份,备份的密文代码存储在单片机的非易失性存储器上;S1: Initially encrypt the core code that needs to be protected in the microcontroller in advance, encrypt the core code into a ciphertext code through the AES encryption algorithm, and back up the ciphertext code at the same time, and the backup ciphertext code is stored in the non-volatile memory of the microcontroller on memory;

S2:单片机执行代码过程中,当执行到一段密文代码所在的特定存储区域时,MPU内存保护模块产生一个中断;S2: During the execution of the code by the single-chip microcomputer, when the specific storage area where a piece of ciphertext code is executed, the MPU memory protection module generates an interrupt;

S3:单片机当前执行的代码进入中断,DMA模块将该密文代码传输到单片机的易失性存储器上的指定区域,AES便件加速模块将指定区域的密文代码解密成明文代码,CRC模块校验明文代码,如果校验错误,则执行步骤S4,如果校验正确,则执行步骤S5;S3: The code currently executed by the MCU enters an interrupt, and the DMA module transfers the ciphertext code to the designated area on the volatile memory of the MCU, and the AES file acceleration module decrypts the ciphertext code in the designated area into a plaintext code, and the CRC module checks the Verify the plaintext code, if the verification is wrong, then perform step S4, if the verification is correct, then perform step S5;

S4:原密文代码保持不变,DMA模块不会将明文代码回传到原密文代码所在的特定存储区域,单片机当前执行的代码一直处于中断中,中断无法返回;S4: The original ciphertext code remains unchanged, and the DMA module will not return the plaintext code to the specific storage area where the original ciphertext code is located. The code currently executed by the microcontroller is always interrupted, and the interrupt cannot return;

S5:DMA模块将明文代码回传到原密文代码所在的特定存储区域将原密文代码覆盖,明文代码全部回传完毕后,中断返回,单片机执行明文代码;S5: The DMA module returns the plaintext code to the specific storage area where the original ciphertext code is located to cover the original ciphertext code. After all the plaintext codes are returned, the interrupt returns, and the single-chip microcomputer executes the plaintext code;

S6:明文代码执行完毕后,DMA模块将该明文代码传输到单片机的易失性存储器上的指定区域,AES便件加速模块将指定区域的明文代码加密成密文代码,CRC模块校验密文代码,如果校验错误,则执行步骤S7,如果校验正确,则执行步骤S8;S6: After the plaintext code is executed, the DMA module transfers the plaintext code to the specified area on the volatile memory of the single-chip microcomputer, and the AES file acceleration module encrypts the plaintext code in the specified area into a ciphertext code, and the CRC module verifies the ciphertext code, if the verification is wrong, step S7 is executed, and if the verification is correct, step S8 is executed;

S7:DMA模块将备份的密文代码传输到原密文代码所在的特定存储区域将明文代码覆盖,密文代码传输完毕后单片机执行后面的代码;S7: The DMA module transfers the backup ciphertext code to the specific storage area where the original ciphertext code is located to cover the plaintext code. After the ciphertext code is transmitted, the single-chip microcomputer executes the following code;

S8:DMA模块将密文代码回传到原密文代码所在的特定存储区域将明文代码覆盖,密文代码全部回传完毕后单片机执行后面的代码;S8: The DMA module returns the ciphertext code to the specific storage area where the original ciphertext code is located to cover the plaintext code. After all the ciphertext codes are returned, the single-chip microcomputer executes the following code;

在执行步骤S2至S8的过程中,如果单机片掉电,DMA模块将备份的密文代码传输到原密文代码所在的特定存储区域将当前该特定存储区域内的代码覆盖。In the process of executing steps S2 to S8, if the stand-alone chip is powered off, the DMA module will transfer the backup ciphertext code to the specific storage area where the original ciphertext code is located, and overwrite the current code in the specific storage area.

在本技术方案中,MPU(MemoryProtectionUnit;内存保护单元)内存保护模块:能配置特定区域内存读、写以及代码执行,当单片机芯片执行特定区域的密文核心代码时,MPU产生一个中断。AES(AdvancedEncryptionStandard;高级加密标准)便件加速模块:AES便件加速模块能便件运算AES算法,大大减少AES加/解密时间,AES可采用128/192/256bits密钥。DMA(DirectMemoryAccess;直接内存访问单元)模块:数据传输模块,能在CPU睡眠情况下传输数据,减少功耗与传输数据时间。CRC(CyclicRedundancyCheck;循环冗余校验码)模块:数据校验模块,能校验AES模块加/解密后的数据。In this technical solution, MPU (MemoryProtectionUnit; memory protection unit) memory protection module: can configure specific area memory read, write and code execution, when single-chip microcomputer chip executes the ciphertext core code of specific area, MPU produces an interruption. AES (Advanced Encryption Standard; Advanced Encryption Standard) file acceleration module: AES file acceleration module can easily calculate the AES algorithm, greatly reducing the time of AES encryption/decryption, AES can use 128/192/256bits key. DMA (DirectMemoryAccess; direct memory access unit) module: a data transmission module that can transmit data while the CPU is sleeping, reducing power consumption and data transmission time. CRC (CyclicRedundancyCheck; Cyclic Redundancy Check Code) module: a data verification module that can verify the data encrypted/decrypted by the AES module.

在单片机芯片运行整个过程中,核心代码绝大部分时间都是以密文代码的形式存在,只有当其被执行时,解密并校验正确后,才会出现明文代码,而且该明文代码执行完毕后,又会重新加密成密文代码,明文代码出现的时间非常短。竞争者即使使用浸入式方式得到单片机的二进制代码,该二进制代码中我们要保护的核心代码是加密的密文代码,竞争者无法还原成源代码,得到我们要保护的核心代码,芯片破解的价值大大降低。During the whole process of the operation of the single-chip microcomputer chip, the core code exists in the form of ciphertext code most of the time. Only when it is executed, the decryption and verification are correct, the plaintext code will appear, and the plaintext code is executed. After that, it will be re-encrypted into a ciphertext code, and the plaintext code appears for a very short time. Even if competitors use the immersion method to obtain the binary code of the single-chip microcomputer, the core code we want to protect in the binary code is an encrypted ciphertext code, and the competitor cannot restore the source code to get the core code we want to protect, the value of chip cracking Greatly reduced.

在执行步骤S2至步骤S8的过程中,如果单片机掉电,原密文代码所在的特定存储区域可能存留全部明文代码或者一部分明文代码,这样会引起数据错乱,使单片机下次无法正常运行,同时存在代码被破解读出的风险。因此当单片机掉电时,将备份的密文代码传输到对应的原密文代码所在的特定存储区域将当前该特定存储区域内的代码覆盖,防止在特定存储区域明文阶段,掉电,引起数据错乱。In the process of performing steps S2 to S8, if the single-chip microcomputer is powered off, the specific storage area where the original ciphertext code is located may retain all plaintext codes or a part of plaintext codes, which will cause data confusion and make the single-chip microcomputer unable to run normally next time. There is a risk of the code being cracked and read out. Therefore, when the single-chip microcomputer is powered off, the backup ciphertext code is transferred to the specific storage area where the corresponding original ciphertext code is located, and the current code in the specific storage area is overwritten to prevent power failure in the plaintext stage of the specific storage area from causing data loss. Confused.

作为优选,所述步骤S1中对核心代码初始加密前先将核心代码分割成若干段,每段核心代码的数据长度为0至1024bytes,接着将每段核心代码分别通过AES加密算法加密成密文代码。每执行到一段密文代码所在的特定存储区域,MPU内存保护模块都产生一个中断,接着执行步骤S3至S8。将每段核心明文代码的数据长度控制在1024bytes以内,由于密文代码与对应的明文代码数据长度相同,密文代码的数据长度也在1024bytes以内,使单片机每一次执行明文代码和加解密明文代码的时间很短,从而减少每一段明文代码存在的时间,增加了破解的难度,提高核心代码的安全性。同时,即使核心代码数据长度较长,暂时存放明文代码和密文代码的易失性存储器也不需要太大。As preferably, the core code is divided into several sections before the initial encryption of the core code in the step S1, and the data length of each section of the core code is 0 to 1024bytes, and then each section of the core code is encrypted into ciphertext by the AES encryption algorithm code. Whenever a specific storage area where a piece of ciphertext code is located is executed, the MPU memory protection module generates an interrupt, and then steps S3 to S8 are executed. Control the data length of each core plaintext code within 1024bytes. Since the ciphertext code is the same as the corresponding plaintext code data length, the data length of the ciphertext code is also within 1024bytes, so that the single-chip computer executes the plaintext code and encrypts and decrypts the plaintext code every time. The time is very short, thereby reducing the time that each plaintext code exists, increasing the difficulty of cracking, and improving the security of the core code. At the same time, even if the data length of the core code is long, the volatile memory for temporarily storing the plaintext code and the ciphertext code does not need to be too large.

作为优选,所述步骤S1中对单片机内核心代码初始加密包括以下步骤:使用电脑上位机将单片机代码中的明文核心代码通过AES加密算法加密成密文代码,把该密文代码传输到单片机二进制烧录文件内明文核心代码所在的存储区域将明文核心代码覆盖,同时将电脑上位机生成的明文CRC密钥和密文CRC密钥添加到单片机二进制烧录文件内。As preferably, the initial encryption of the core code in the single-chip microcomputer in the step S1 includes the following steps: use the computer host computer to encrypt the plaintext core code in the single-chip microcomputer code into a ciphertext code through the AES encryption algorithm, and transmit the ciphertext code to the single-chip microcomputer binary The storage area where the plaintext core code is located in the burning file will cover the plaintext core code, and at the same time add the plaintext CRC key and ciphertext CRC key generated by the computer host computer to the single chip binary burning file.

作为优选,所述步骤S6中,DMA模块将明文代码传输到单片机的易失性存储器上的指定区域后,清除原密文代码所在特定存储区域上的明文代码。减少段明文代码存在的时间,增加了破解的难度,提高核心代码的安全性。Preferably, in the step S6, after the DMA module transfers the plaintext code to the specified area on the volatile memory of the single-chip microcomputer, clear the plaintext code on the specific storage area where the original ciphertext code is located. Reduce the existence time of a piece of plaintext code, increase the difficulty of cracking, and improve the security of the core code.

作为优选,所述AES便件加速模块采用256bits密钥。Preferably, the AES document acceleration module uses a 256bits key.

本发明的实质性效果是:(1)使单片机内的核心代码以密文的形式存在,即使破解者使用侵入式方式破解了单片机,将单片机内核心代码读出,也无法将密文形式的核心代码翻译成明文,从而保护了核心代码。(2)核心代码被分割成若干段,每段核心代码的数据长度为0至1024bytes,使单片机每一次执行明文代码和加解密明文代码的时间较短,从而减少每一段明文代码存在的时间,增加了破解的难度,提高核心代码的安全性。The substantive effects of the present invention are: (1) make the core code in the single-chip microcomputer exist in the form of ciphertext, even if the cracker uses an intrusive method to crack the single-chip microcomputer, the core code in the single-chip microcomputer is read out, and the ciphertext form cannot be read out. The core code is translated into plain text, thus protecting the core code. (2) The core code is divided into several sections, and the data length of each section of core code is 0 to 1024bytes, so that the single-chip microcomputer executes the plaintext code and encrypts and decrypts the plaintext code each time. The time is shorter, thereby reducing the time that each section of plaintext code exists. It increases the difficulty of cracking and improves the security of the core code.

附图说明Description of drawings

图1是本发明的一种流程图。Fig. 1 is a kind of flowchart of the present invention.

具体实施方式detailed description

下面通过实施例,并结合附图,对本发明的技术方案作进一步具体的说明。The technical solutions of the present invention will be further specifically described below through the embodiments and in conjunction with the accompanying drawings.

实施例:本实施例的一种单片机核心代码防破解的方法,单片机带有MPU内存保护模块、AES便件加速模块、DMA模块和CRC模块,如图1所示,包括以下步骤:Embodiment: the anti-cracking method of a kind of single-chip microcomputer core code of the present embodiment, single-chip microcomputer has MPU memory protection module, AES convenient document acceleration module, DMA module and CRC module, as shown in Figure 1, comprises the following steps:

S1:预先将单片机中的明文核心代码分割成若干段明文代码,每段明文代码的数据长度为0至1024bytes,使用电脑上位机将每段明文代码通过AES加密算法加密成密文代码,把每段密文代码传输到单片机内对应一段明文代码所在的存储区域将对应一段明文代码覆盖,并将明文CRC密钥和密文CRC密钥发送给单片机,同时将这些密文代码传输到单片机的非易失性存储器的备份存储区域进行备份;S1: Divide the plaintext core code in the single-chip microcomputer into several pieces of plaintext code in advance. The data length of each piece of plaintext code is 0 to 1024bytes. Use the computer host computer to encrypt each piece of plaintext code into ciphertext code through AES encryption algorithm, and convert each piece of plaintext code into ciphertext code. A section of ciphertext code is transmitted to the storage area corresponding to a section of plaintext code in the microcontroller, and the corresponding section of plaintext code is covered, and the plaintext CRC key and ciphertext CRC key are sent to the microcontroller, and these ciphertext codes are transmitted to the non- The backup storage area of the volatile memory for backup;

S2:单片机执行代码过程中,当执行到一段密文代码所在的特定存储区域时(该段密文代码存储区域的首地址),MPU内存保护模块产生一个中断;S2: During the code execution process of the single-chip microcomputer, when a specific storage area where a section of ciphertext code is executed (the first address of the storage area of the ciphertext code), the MPU memory protection module generates an interrupt;

S3:单片机当前执行的代码进入中断,DMA模块将该密文代码传输到单片机的易失性存储器上的指定区域,AES便件加速模块将指定区域的密文代码解密成明文代码,CRC模块校验明文代码,如果校验错误,则执行步骤S4,如果校验正确,则执行步骤S5;S3: The code currently executed by the MCU enters an interrupt, and the DMA module transfers the ciphertext code to the designated area on the volatile memory of the MCU, and the AES file acceleration module decrypts the ciphertext code in the designated area into a plaintext code, and the CRC module checks the Verify the plaintext code, if the verification is wrong, then perform step S4, if the verification is correct, then perform step S5;

S4:原密文代码保持不变,DMA模块不会将明文代码回传到原密文代码所在的特定存储区域,解密出的明文代码保留在易失性存储器上的指定区域,单片机当前执行的代码一直处于中断中,中断无法返回,单片机不能正常工作;S4: The original ciphertext code remains unchanged, the DMA module will not return the plaintext code to the specific storage area where the original ciphertext code is located, the decrypted plaintext code remains in the specified area on the volatile memory, The code is always interrupted, the interrupt cannot return, and the microcontroller cannot work normally;

S5:DMA模块将明文代码回传到原密文代码所在的特定存储区域将原密文代码覆盖,原密文代码被全部清除,明文代码全部回传完毕后,中断返回,单片机执行明文代码;S5: The DMA module returns the plaintext code to the specific storage area where the original ciphertext code is located to cover the original ciphertext code, and the original ciphertext code is completely cleared. After all the plaintext codes are returned, the interrupt returns, and the single-chip microcomputer executes the plaintext code;

S6:明文代码执行完毕后,DMA模块将该明文代码传输到单片机的易失性存储器上的指定区域,传输完毕后清除原密文代码所在特定存储区域上的明文代码,AES便件加速模块将指定区域的明文代码加密成密文代码,CRC模块校验密文代码,如果校验错误,则执行步骤S7,如果校验正确,则执行步骤S8;S6: After the plaintext code is executed, the DMA module transfers the plaintext code to the specified area on the volatile memory of the single-chip microcomputer. After the transmission is completed, the plaintext code on the specific storage area where the original ciphertext code is located is cleared, and the AES file acceleration module will The plaintext code in the specified area is encrypted into a ciphertext code, and the CRC module verifies the ciphertext code. If the verification is wrong, then perform step S7, and if the verification is correct, then perform step S8;

S7:DMA模块将备份的密文代码传输到原密文代码所在的特定存储区域将明文代码覆盖,密文代码传输完毕后单片机执行后面的代码;S7: The DMA module transfers the backup ciphertext code to the specific storage area where the original ciphertext code is located to cover the plaintext code. After the ciphertext code is transmitted, the single-chip microcomputer executes the following code;

S8:DMA模块将密文代码回传到原密文代码所在的特定存储区域将明文代码覆盖,密文代码全部回传完毕后单片机执行后面的代码;S8: The DMA module returns the ciphertext code to the specific storage area where the original ciphertext code is located to cover the plaintext code. After all the ciphertext codes are returned, the single-chip microcomputer executes the following code;

在执行步骤S2至S8的过程中,如果单机片掉电,DMA模块将备份的密文代码传输到对应原密文代码所在的特定存储区域将当前该特定存储区域内的代码覆盖。In the process of executing steps S2 to S8, if the stand-alone chip is powered off, the DMA module will transfer the backup ciphertext code to the specific storage area corresponding to the original ciphertext code to overwrite the current code in the specific storage area.

MPU(MemoryProtectionUnit;内存保护单元)内存保护模块:能配置特定区域内存读、写以及代码执行,当单片机芯片执行特定区域的密文核心代码时,MPU产生一个中断。AES(AdvancedEncryptionStandard;高级加密标准)便件加速模块:AES便件加速模块能便件运算AES算法,大大减少AES加/解密时间,AES可采用128/192/256bits密钥。DMA(DirectMemoryAccess;直接内存访问单元)模块:数据传输模块,能在CPU睡眠情况下传输数据,减少功耗与传输数据时间。CRC(CyclicRedundancyCheck;循环冗余校验码)模块:数据校验模块,能校验AES模块加/解密后的数据。MPU (MemoryProtectionUnit; memory protection unit) memory protection module: can configure specific area memory reading, writing and code execution, when the single-chip microcomputer chip executes the ciphertext core code of a specific area, the MPU generates an interrupt. AES (Advanced Encryption Standard; Advanced Encryption Standard) file acceleration module: AES file acceleration module can easily calculate the AES algorithm, greatly reducing the time of AES encryption/decryption, AES can use 128/192/256bits key. DMA (DirectMemoryAccess; direct memory access unit) module: a data transmission module that can transmit data while the CPU is sleeping, reducing power consumption and data transmission time. CRC (CyclicRedundancyCheck; Cyclic Redundancy Check Code) module: a data verification module that can verify the data encrypted/decrypted by the AES module.

在单片机芯片运行整个过程中,核心代码绝大部分时间都是以密文代码的形式存在,只有当其被执行时,解密并校验正确后,才会出现明文代码,而且该明文代码执行完毕后,又会重新加密成密文代码,明文代码出现的时间非常短。竞争者即使使用浸入式方式得到单片机的二进制代码,该二进制代码中我们要保护的核心代码是加密的密文代码,竞争者无法还原成源代码,得到我们要保护的核心代码,芯片破解的价值大大降低。During the whole process of the operation of the single-chip microcomputer chip, the core code exists in the form of ciphertext code most of the time. Only when it is executed, the decryption and verification are correct, the plaintext code will appear, and the plaintext code is executed. After that, it will be re-encrypted into a ciphertext code, and the plaintext code appears for a very short time. Even if competitors use the immersion method to obtain the binary code of the single-chip microcomputer, the core code we want to protect in the binary code is an encrypted ciphertext code, and the competitor cannot restore the source code to get the core code we want to protect, the value of chip cracking Greatly reduced.

本实施例中单片机主频为8MHz,AES便件加速模块采用256bits密钥,要保护的单片机核心代码的数据长度为2304bytes。在步骤S1中将其分割成5段明文代码,5段明文代码的数据长度分别为512bytes、512bytes、512bytes、512bytes和256bytes,每段明文代码的数据长度都不超过512bytes,由于密文代码与对应的明文代码数据长度相同,所以每段密文代码的数据长度也都不超过512bytes。In this embodiment, the main frequency of the single-chip microcomputer is 8MHz, the AES acceleration module adopts a 256bits key, and the data length of the core code of the single-chip microcomputer to be protected is 2304bytes. In step S1, it is divided into 5 sections of plaintext codes. The data lengths of the 5 sections of plaintext codes are 512bytes, 512bytes, 512bytes, 512bytes, and 256bytes respectively. The data length of each section of plaintext code does not exceed 512bytes. The data length of the plaintext code is the same, so the data length of each ciphertext code does not exceed 512bytes.

在单片机主频为8MHz,AES便件加速模块采用256bits密钥的情况下,对于数据长度512bytes的代码:解密时间为1.35ms,加密时间为1.35ms,代码执行时间为0.1ms。单片机每一次执行明文代码和加解密明文代码的时间很短,从而减少每一段明文代码存在的时间,增加了破解的难度,提高核心代码的安全性。同时,即使核心代码数据长度较长,暂时存放明文代码和密文代码的易失性存储器也不需要太大。In the case that the main frequency of the single-chip microcomputer is 8MHz, and the AES file acceleration module adopts a 256bits key, for a code with a data length of 512bytes: the decryption time is 1.35ms, the encryption time is 1.35ms, and the code execution time is 0.1ms. The single-chip microcomputer executes the plaintext code and encrypts and decrypts the plaintext code every time for a very short time, thereby reducing the existence time of each plaintext code, increasing the difficulty of cracking, and improving the security of the core code. At the same time, even if the data length of the core code is long, the volatile memory for temporarily storing the plaintext code and the ciphertext code does not need to be too large.

在执行步骤S2至步骤S8的过程中,如果单片机掉电,原密文代码所在的特定存储区域可能存留全部明文代码或者一部分明文代码,这样会引起数据错乱,使单片机下次无法正常运行,同时存在代码被破解读出的风险。因此当单片机掉电时,将备份的密文代码传输到对应的原密文代码所在的特定存储区域将当前该特定存储区域内的代码覆盖,防止在特定存储区域明文阶段,掉电,引起数据错乱。In the process of performing steps S2 to S8, if the single-chip microcomputer is powered off, the specific storage area where the original ciphertext code is located may retain all plaintext codes or a part of plaintext codes, which will cause data confusion and make the single-chip microcomputer unable to run normally next time. There is a risk of the code being cracked and read out. Therefore, when the single-chip microcomputer is powered off, the backup ciphertext code is transferred to the specific storage area where the corresponding original ciphertext code is located, and the current code in the specific storage area is overwritten to prevent power failure in the plaintext stage of the specific storage area from causing data loss. Confused.

Claims (4)

1.一种单片机核心代码防破解的方法,所述单片机带有MPU内存保护模块、AES硬件加速模块、DMA模块和CRC模块,其特征在于,包括以下步骤:1. a single-chip microcomputer core code anti-cracking method, said single-chip microcomputer has MPU memory protection module, AES hardware acceleration module, DMA module and CRC module, it is characterized in that, may further comprise the steps: S1:预先对单片机内需要保护的核心代码进行初始加密,将核心代码通过AES加密算法加密成密文代码,同时将该密文代码进行备份,备份的密文代码存储在单片机的非易失性存储器上;S1: Initially encrypt the core code that needs to be protected in the microcontroller in advance, encrypt the core code into a ciphertext code through the AES encryption algorithm, and back up the ciphertext code at the same time, and the backup ciphertext code is stored in the non-volatile memory of the microcontroller on memory; S2:单片机执行代码过程中,当执行到一段密文代码所在的特定存储区域时,MPU内存保护模块产生一个中断;S2: During the execution of the code by the microcontroller, when the execution reaches a specific storage area where a piece of ciphertext code is located, the MPU memory protection module generates an interrupt; S3:单片机当前执行的代码进入中断,DMA模块将该密文代码传输到单片机的易失性存储器上的指定区域,AES硬件加速模块将指定区域的密文代码解密成明文代码,CRC模块校验明文代码,如果校验错误,则执行步骤S4,如果校验正确,则执行步骤S5;S3: The code currently executed by the MCU enters an interrupt, the DMA module transfers the ciphertext code to the designated area on the volatile memory of the MCU, the AES hardware acceleration module decrypts the ciphertext code in the designated area into a plaintext code, and the CRC module checks Plain text code, if the verification is wrong, then execute step S4, if the verification is correct, then execute step S5; S4:原密文代码保持不变,DMA模块不会将明文代码回传到原密文代码所在的特定存储区域,单片机当前执行的代码一直处于中断中,中断无法返回;S4: The original ciphertext code remains unchanged, and the DMA module will not return the plaintext code to the specific storage area where the original ciphertext code is located. The code currently executed by the MCU is always interrupted, and the interrupt cannot return; S5:DMA模块将明文代码回传到原密文代码所在的特定存储区域将原密文代码覆盖,明文代码全部回传完毕后,中断返回,单片机执行明文代码;S5: The DMA module returns the plaintext code to the specific storage area where the original ciphertext code is located to overwrite the original ciphertext code. After all the plaintext codes are returned, the interrupt returns, and the microcontroller executes the plaintext code; S6:明文代码执行完毕后,DMA模块将该明文代码传输到单片机的易失性存储器上的指定区域,AES硬件加速模块将指定区域的明文代码加密成密文代码,CRC模块校验密文代码,如果校验错误,则执行步骤S7,如果校验正确,则执行步骤S8;S6: After the plaintext code is executed, the DMA module transfers the plaintext code to the specified area on the volatile memory of the microcontroller, the AES hardware acceleration module encrypts the plaintext code in the specified area into a ciphertext code, and the CRC module verifies the ciphertext code , if the verification is wrong, step S7 is executed, and if the verification is correct, step S8 is executed; S7:DMA模块将备份的密文代码传输到原密文代码所在的特定存储区域将明文代码覆盖,密文代码传输完毕后单片机执行后面的代码;S7: The DMA module transfers the backup ciphertext code to the specific storage area where the original ciphertext code is located to overwrite the plaintext code. After the ciphertext code is transmitted, the MCU executes the following code; S8:DMA模块将密文代码回传到原密文代码所在的特定存储区域将明文代码覆盖,密文代码全部回传完毕后单片机执行后面的代码;S8: The DMA module returns the ciphertext code to the specific storage area where the original ciphertext code is located to overwrite the plaintext code. After all the ciphertext codes are returned, the MCU executes the following code; 在执行步骤S2至S8的过程中,如果单机片掉电,DMA模块将备份的密文代码传输到原密文代码所在的特定存储区域将当前该特定存储区域内的代码覆盖;In the process of executing steps S2 to S8, if the stand-alone chip is powered off, the DMA module will transfer the backup ciphertext code to the specific storage area where the original ciphertext code is located to overwrite the current code in the specific storage area; 所述步骤S1中对核心代码初始加密前先将核心代码分割成若干段,每段核心代码的数据长度为0至1024bytes,接着将每段核心代码分别通过AES加密算法加密成密文代码。In the step S1, before the initial encryption of the core code, the core code is divided into several sections, the data length of each section of the core code is 0 to 1024 bytes, and then each section of the core code is encrypted into a ciphertext code through the AES encryption algorithm. 2.根据权利要求1所述的一种单片机核心代码防破解的方法,其特征在于,所述步骤S1中对单片机内核心代码初始加密包括以下步骤:使用电脑上位机将单片机代码中的明文核心代码通过AES加密算法加密成密文代码,把该密文代码传输到单片机二进制烧录文件内明文核心代码所在的存储区域将明文核心代码覆盖,同时将电脑上位机生成的明文CRC密钥和密文CRC密钥添加到单片机二进制烧录文件内。2. the method for anti-cracking of a kind of single-chip microcomputer core code according to claim 1, it is characterized in that, in described step S1, the core code initial encryption in the single-chip microcomputer comprises the following steps: use computer upper computer to convert the plaintext core in the single-chip microcomputer code The code is encrypted into a ciphertext code through the AES encryption algorithm, and the ciphertext code is transmitted to the storage area where the plaintext core code is located in the binary burning file of the microcontroller to cover the plaintext core code, and at the same time, the plaintext CRC key and password generated by the computer host computer are The text CRC key is added to the binary programming file of the microcontroller. 3.根据权利要求1或2所述的一种单片机核心代码防破解的方法,其特征在于:所述步骤S6中,DMA模块将明文代码传输到单片机的易失性存储器上的指定区域后,清除原密文代码所在特定存储区域上的明文代码。3. according to claim 1 or 2 described a kind of method for anti-cracking of single-chip microcomputer core code, it is characterized in that: in described step S6, after DMA module transfers plaintext code to the specified area on the volatile memory of single-chip microcomputer, Clear the plaintext code on the specific storage area where the original ciphertext code is located. 4.根据权利要求1或2所述的一种单片机核心代码防破解的方法,其特征在于:所述AES硬件加速模块采用256bits密钥。4. the method for preventing cracking of a kind of single-chip microcomputer core code according to claim 1 or 2, is characterized in that: described AES hardware acceleration module adopts 256bits key.
CN201310475562.7A 2013-10-12 2013-10-12 A kind of anti-method cracking of monolithic microcomputer kernel code Withdrawn - After Issue CN103761456B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201310475562.7A CN103761456B (en) 2013-10-12 2013-10-12 A kind of anti-method cracking of monolithic microcomputer kernel code

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201310475562.7A CN103761456B (en) 2013-10-12 2013-10-12 A kind of anti-method cracking of monolithic microcomputer kernel code

Publications (2)

Publication Number Publication Date
CN103761456A CN103761456A (en) 2014-04-30
CN103761456B true CN103761456B (en) 2016-05-11

Family

ID=50528692

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201310475562.7A Withdrawn - After Issue CN103761456B (en) 2013-10-12 2013-10-12 A kind of anti-method cracking of monolithic microcomputer kernel code

Country Status (1)

Country Link
CN (1) CN103761456B (en)

Families Citing this family (10)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN104156675B (en) * 2014-08-05 2024-06-21 知运保(亳州)技术开发有限公司 Chip Encryptor
CN104573425B (en) * 2014-12-31 2018-01-30 上海格尔软件股份有限公司 A kind of Python program module encryption methods based on symmetry algorithm and special load-on module
CN107066843A (en) * 2017-03-31 2017-08-18 武汉斗鱼网络科技有限公司 A kind of method and device protected to application program
CN106951746B (en) * 2017-04-25 2020-01-21 厦门芯阳科技股份有限公司 Method and system for preventing reverse cracking of temperature control program
CN107194210B (en) * 2017-05-05 2019-07-30 厦门芯阳科技股份有限公司 A kind of anti-crack method of single-chip microcontroller code
FR3069935A1 (en) * 2017-08-01 2019-02-08 Maxim Integrated Products, Inc. DEVICES AND METHODS FOR INTELLECTUAL PROPERTY PROTECTION OF SOFTWARE FOR INTEGRATED PLATFORMS
CN109858241B (en) * 2017-11-22 2021-12-17 浙江智贝信息科技有限公司 Single-equipment code safe execution and interaction method and interaction system thereof
CN109446757B (en) * 2018-10-25 2022-03-15 石生花微电子(南京)有限公司 Method for protecting general MCU program
CN110609789A (en) * 2019-08-29 2019-12-24 烽火通信科技股份有限公司 Method and system for software License verification
CN114239005A (en) * 2021-11-15 2022-03-25 中国人民解放军63601部队 Encryption method for protecting Python code

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101950345A (en) * 2010-09-29 2011-01-19 山东大学 Hardware decryption-based high-reliability terminal equipment and working method thereof
CN102324006A (en) * 2011-09-06 2012-01-18 四川九洲电器集团有限责任公司 Processor program safety protection device and method
CN102938046A (en) * 2012-10-11 2013-02-20 杭州晟元芯片技术有限公司 Code protection method based on static encrypted storage and dynamic decrypted operation

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP5552541B2 (en) * 2009-12-04 2014-07-16 クリプトグラフィ リサーチ, インコーポレイテッド Verifiable leak-proof encryption and decryption

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN101950345A (en) * 2010-09-29 2011-01-19 山东大学 Hardware decryption-based high-reliability terminal equipment and working method thereof
CN102324006A (en) * 2011-09-06 2012-01-18 四川九洲电器集团有限责任公司 Processor program safety protection device and method
CN102938046A (en) * 2012-10-11 2013-02-20 杭州晟元芯片技术有限公司 Code protection method based on static encrypted storage and dynamic decrypted operation

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
《单片机控制程序加密策略探索与应用》;潘永雄 等;《计算机工程与设计》;20100616;第2466-2469页 *

Also Published As

Publication number Publication date
CN103761456A (en) 2014-04-30

Similar Documents

Publication Publication Date Title
CN103761456B (en) A kind of anti-method cracking of monolithic microcomputer kernel code
KR102013841B1 (en) Method of managing key for secure storage of data, and and apparatus there-of
CN103221961B (en) Method and apparatus including architecture for protecting multi-user sensitive code and data
CN101026455B (en) security processor
CN100361039C (en) Secure processor
KR101565223B1 (en) System and method for in-place encryption
CN100437618C (en) Portable information safety device
CN102436423B (en) Controller and method for protecting NorFlash core data outside universal sheet
US20070101158A1 (en) Security region in a non-volatile memory
CN109992987B (en) Script file protection method and device based on Nginx and terminal equipment
CN102609665B (en) Method and device for signing user program and method and device for verifying signature of user program
CN104331644A (en) Transparent encryption and decryption method for intelligent terminal file
CN103106372A (en) Lightweight class privacy data encryption method and system for Android system
CN105320895B (en) High-performance autonomous hardware engine for in-line cryptographic processing
US7272228B2 (en) System and method for securing code and ensuring proper execution using state-based encryption
CN104486355A (en) Method and device for preventing codes from being maliciously tampered with
US20190044973A1 (en) Replay protection for memory based on key refresh
Werner et al. Protecting risc-v processors against physical attacks
TW201530344A (en) Application program access protection method and application program access protection device
CN107784226A (en) Method and system for preventing malicious tampering of codes by using asymmetric encryption algorithm
CN117472465A (en) System-on-chip secure starting method and device, electronic equipment and storage medium
CN105162578B (en) Encrypted circuit applied to nextport universal digital signal processor NextPort
CN103347017A (en) Data processing method and system on chip
JP2007310601A (en) Microcomputer and method for protecting its software
CN101950345B (en) Hardware decryption-based high-reliability terminal equipment and working method thereof

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
AV01 Patent right actively abandoned

Granted publication date: 20160511

Effective date of abandoning: 20250916

AV01 Patent right actively abandoned

Granted publication date: 20160511

Effective date of abandoning: 20250916