[go: up one dir, main page]

CN119903492B - A registration code generation and verification method and system based on elliptic curve short signature - Google Patents

A registration code generation and verification method and system based on elliptic curve short signature

Info

Publication number
CN119903492B
CN119903492B CN202411882972.8A CN202411882972A CN119903492B CN 119903492 B CN119903492 B CN 119903492B CN 202411882972 A CN202411882972 A CN 202411882972A CN 119903492 B CN119903492 B CN 119903492B
Authority
CN
China
Prior art keywords
software
code
registration code
elliptic curve
registration
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN202411882972.8A
Other languages
Chinese (zh)
Other versions
CN119903492A (en
Inventor
李维刚
王辉
黄锦阳
张朝壹
许玉虾
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Beijing Lida Xin'an Technology Co ltd
Beijing Leadal Technology Development Co ltd
Original Assignee
Beijing Lida Xin'an Technology Co ltd
Beijing Leadal Technology Development Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Beijing Lida Xin'an Technology Co ltd, Beijing Leadal Technology Development Co ltd filed Critical Beijing Lida Xin'an Technology Co ltd
Priority to CN202411882972.8A priority Critical patent/CN119903492B/en
Publication of CN119903492A publication Critical patent/CN119903492A/en
Application granted granted Critical
Publication of CN119903492B publication Critical patent/CN119903492B/en
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/121Restricting unauthorised execution of programs
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/64Protecting data integrity, e.g. using checksums, certificates or signatures

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • Health & Medical Sciences (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Storage Device Security (AREA)

Abstract

The invention relates to a registration code generation and verification method and system based on elliptic curve short signature, and belongs to the technical field of information security. The registration code generation method comprises the steps of generating a machine code based on hardware information of equipment for installing software and identification information of the software, generating a random elliptic curve key pair, carrying out short signature on the machine code based on a private key in the key pair to obtain a corresponding signature value (r, s), and generating the registration code based on the signature value (r, s). The verification method comprises the steps of generating a machine code corresponding to the software operated by the equipment, restoring the registration code to be verified to obtain a signature value (r ', s'), and verifying the registration code based on the machine code and the signature value (r ', s'). The registration code is generated based on elliptic curve public key cryptography and a short signature algorithm, the registration code length is similar to that of the traditional registration code, the registration code is bound with running equipment to prevent the software from being used on unauthorized equipment, and the copyright protection of the software is realized while the registration code length is effectively shortened.

Description

Registration code generation and verification method and system based on elliptic curve short signature
Technical Field
The invention relates to the technical field of information security, in particular to a registration code generation and verification method and system based on elliptic curve short signature.
Background
The conventional software registration methods include registration code registration, encryption lock registration, authorization file registration, etc., wherein the registration code registration is most convenient, so that the use is more common.
In the prior art, a symmetric calculation protocol is adopted in a software registration code generation and verification algorithm protocol, a hacker can crack the registration code generation algorithm through a reverse analysis software registration verification module, so that a registration machine for writing the software is written and distributed on the Internet, and a user can bypass the software authorization verification function through the registration machine for generating legal registration codes, which is also a main reason that a large number of software has a large number of cracked versions on the Internet at present. A registration code generation and verification method based on a symmetric algorithm protocol is characterized in that a hacker can crack a generation algorithm of the registration code and develop registration machine software through an inverse registration code verification program, which is the most important cause of software being abused by pirate at present. That is, the registration code and the verification method generated by the confidentiality of the registration code generation algorithm protocol have considerable limitation in protecting the software copyright, especially when the user quantity of the software is large enough, the power of hacking the registration code is strong, and the protection mechanism has no satisfied requirement on the software copyright protection capability.
Registration code generation and verification based on symmetric algorithm protocols (e.g., digital digest algorithm, keyed digital digest algorithm, block cipher algorithm) often appear very unaware of reverse analysis attacks against software, which are difficult to protect against for registrar software developed by hackers. Therefore, some software developers try to realize the generation and verification of the registration codes by using a public key cryptographic algorithm, the private key used in the generation of the registration codes is owned by a software merchant, the verification only needs a public key, the public key is publicable, the registration code generation and verification algorithm protocol of the public key cryptographic algorithm is publicable, and the security depends on the public key cryptographic technology. If an attacker wants to crack the registration code protection of the software, the attacker needs to crack the private key of the software developer, and the security of the public key password ensures that the public key password needs to be cracked for thousands of years under the existing computing capability of the computer, and obviously, the attack means through cracking Jie Gong key password is invalid. However, public key cryptography is usually adopted, whether an RSA (Ron Rivest, ADI SHAMIR and Leonard Adleman) algorithm based on the large number of decomposition difficulties or ECC (Elliptic Curve Cryptography) based on the discrete logarithm difficulties is long (at least 64 bytes of binary data, more than 100 characters are obtained after coding), so that manual input by a user is obviously inconvenient, and the public key cryptography can only be imported in an authorized file mode, and compared with the traditional registration codes, the public key cryptography has the advantages that the application range and the operational convenience are poor, and for some soft and hard integrated products, the registration codes need to be printed on product labels, the overlong registration codes are difficult to print on the product labels, and the input of overlong registration codes is more difficult to be accepted by the user.
Disclosure of Invention
In view of the above analysis, the invention aims to disclose a registration code generation and verification method and a system based on elliptic curve short signature, which are used for effectively realizing copyright protection of software by carrying out short signature on a machine code of a software operation environment, generating a registration code with the length similar to that of a traditional registration code through encoding, and binding the registration code with an operated device through signature verification so as to prevent the software from being used on an unauthorized device.
In one aspect, the invention provides a registration code generation method based on elliptic curve short signature, which specifically comprises the following steps:
Generating a machine code corresponding to the running of the software by the equipment based on the hardware information of the equipment for installing the software and the identification information of the software;
Generating a random elliptic curve key pair (sk, PK), and performing short signature on the machine code based on a private key sk in the key pair to obtain a corresponding signature value (r, s);
a registration code for the software running on the device is generated based on the signature value (r, s).
Further, the performing short signature on the machine code based on the private key in the key pair to obtain a corresponding signature value includes:
Generating a random number k and calculating a point P=k.G on an elliptic curve corresponding to k, wherein G is a base point of the elliptic curve, and the order of G is prime;
determining r of a signature value based on the x coordinate of the elliptic curve point P;
Calculating a digital abstract of the machine code to obtain a characteristic code of the machine code, and converting the characteristic code into a large integer h;
s of a signature value is obtained through calculation based on h and the private key, s=k -1 (h+sk) mod n, wherein n is the order of a base point G, and sk is the private key;
the signature value (r, s) is constructed based on r and s.
Further, the generating a registration code for the software to run on the device based on the signature value includes:
Splicing byte streams of the signature values (r, s) to obtain byte streams, and adopting Base64 coding to obtain displayable character strings, wherein the displayable character strings do not contain characters "/" or "+";
and obtaining the registration code based on the displayable character string.
Further, the generating the machine code corresponding to the running of the software by the device based on the hardware information of the device for installing the software and the identification information of the software includes:
splicing the hardware information and the identification information into an information character string;
calculating to obtain a corresponding information digital abstract based on the information character string;
dividing the information digital abstract into two groups of high and low bits according to bits, and carrying out logic operation on the two groups of data to obtain corresponding information bit data;
obtaining a machine code character string according to hexadecimal coding of the information bit data;
The machine code is determined based on the machine code string.
Further, the hardware information comprises a hard disk serial number, a CPU serial number, a BIOS serial number and a network card MAC address;
The identification information comprises a software name, a developer name and a version number;
and calculating to obtain a corresponding information digital abstract based on the information character string by using an SHA256 or SM3 algorithm.
On the other hand, the invention also provides a registration code verification method based on elliptic curve short signature, which is used for verifying the registration code generated by the registration code generation method, and comprises the following steps:
Generating a machine code corresponding to the running of the software by the equipment based on the hardware information of the equipment for installing the software and the identification information of the software;
restoring the registration code to be verified to obtain a signature value (r ', s');
the registration code is verified based on the machine code and the signature value (r ', s').
Further, the restoring the registration code to be verified to obtain the signature value (r ', s') includes:
Obtaining a corresponding displayable character string based on the registration code to be verified;
performing Base64 decoding on the corresponding displayable character strings to obtain corresponding byte streams;
a signature value (r ', s') is derived based on the corresponding byte stream.
Further, the verifying the registration code based on the machine code and the signature value (r ', s') comprises:
Calculating a digital abstract of the machine code to obtain a feature code of the machine code, and converting the feature code into a large integer h';
taking a modulus of the large integer h 'to obtain an integer h 1,h1 =h' mod n, wherein n is the order of the base point G;
Calculating a point P 1,P1=h1 G on the elliptic curve corresponding to h 1;
Calculating a verification point P 2,P2=s′-1(P1 +PK on an elliptic curve based on the public key in the key pair, wherein s '-1 represents modulo s' inversion, and PK is the public key in the random elliptic curve key pair;
Determining r' based on the x coordinate of P 2;
Comparing whether r and r' are equal, if so, the registration code is legal, otherwise, the registration code is illegal.
On the other hand, the invention also provides a registration code generation and verification system based on elliptic curve short signature, which comprises:
the device comprises a machine code generation module, a software generation module and a software generation module, wherein the machine code generation module is used for generating a machine code corresponding to the running of the software by the device based on hardware information of the device for installing the software and identification information of the software;
The registration code generation module is used for carrying out short signature on the machine code based on a private key sk in the generated random elliptic curve key pair (sk, PK) to obtain a corresponding signature value (r, s);
The registration code verification module is used for verifying the registration code generated by the registration code generation module, and comprises the steps of generating a machine code corresponding to the running software of the equipment based on the hardware information of the equipment for installing the software and the identification information of the software, restoring the registration code to be verified to obtain a signature value (r ', s'), and verifying the registration code to be verified based on the machine code and the signature value (r ', s').
Further, when the registration code is generated, the registration code generation module safely acquires a private key in the random elliptic curve key pair from a software manufacturer;
the registration code verification module adopts a key dispersion algorithm to conceal and configure a public key in the random elliptic curve key pair in advance.
The invention can realize at least one of the following beneficial effects:
the short signature algorithm process innovatively designed by the invention greatly shortens the length of the signature so as to meet the requirement that registration codes are usually smaller than 30 characters, and greatly improves the operation experience of users. According to the embodiment, the machine code is generated based on the hardware information of the software running device and the identification information of the software, and the registration code is generated based on the machine code, so that the hardware binding of the software and the running environment is realized, the problem of copyright protection of the software can be effectively solved, and any illegal copy of the software to unauthorized devices cannot be run.
The invention generates the registration code through elliptic curve signature based on the machine code of the software running environment, and the private key used for signature is only owned by the software developer, so the registration code cannot be counterfeited and counterfeited, and any attack layout for generating and decoding the registration code tool software is futile, thereby effectively realizing the copyright protection of the software.
The public key cipher algorithm is acknowledged to be safe under the existing computer processing capacity, and the cipher strength is provable to be safe, so that the generation method and the verification method are safe and effective, and the problem that the registration code is reversely analyzed by a hacker to obtain the registration code generation algorithm is solved, thereby developing the function of a registration machine cracking program. Meanwhile, the invention adopts a short signature algorithm, thereby solving the problem that the registration code form cannot be used due to overlong authorization code generated by the signature algorithm adopting public key cryptography.
Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims hereof as well as the appended drawings.
Drawings
The drawings are only for purposes of illustrating particular embodiments and are not to be construed as limiting the invention, like reference numerals being used to refer to like parts throughout the several views.
FIG. 1 is a flow chart of a registration code generation and verification method based on elliptic curve short signature of the present invention;
FIG. 2 is a diagram illustrating the generation of machine code according to an embodiment of the present invention;
FIG. 3 is a schematic diagram of generating registration codes according to an embodiment of the present invention;
Fig. 4 is a schematic diagram of a registration code verification process according to an embodiment of the present invention.
Detailed Description
The following detailed description of preferred embodiments of the application is made in connection with the accompanying drawings, which form a part hereof, and together with the description of the embodiments of the application, are used to explain the principles of the application and are not intended to limit the scope of the application.
Method embodiment
The invention discloses a registration code generation method based on elliptic curve short signature, which is characterized in that a machine code uniquely corresponding to equipment for running software is generated based on hardware information of the equipment for installing the software and identification information of the software, and then the registration code running on the equipment is obtained by carrying out short signature on the machine code based on an elliptic curve key. The method of the embodiment comprises a machine code generation method and a registration code generation method.
Method for generating machine code
Specifically, a machine code corresponding to the running of the software by the device is generated based on the hardware information of the device for installing the software and the identification information of the software, and the method comprises steps S101-S104.
S101, when the device for installing the software runs the software for the first time, acquiring hardware information of the device, wherein the hardware information comprises a hard disk serial number, a CPU serial number, a BIOS serial number, a network card MAC address and the like.
S102, when the device for installing the software runs the software for the first time, the identification information of the software is acquired, wherein the identification information comprises a software name, a developer name, a version number and the like. The steps S101 and S102 may be performed simultaneously without limiting the execution sequence.
And S103, splicing the hardware information and the identification information into an information character string, and calculating to obtain a corresponding information digital abstract based on the information character string by utilizing an SHA256 or SM3 algorithm.
S104, dividing the information digital abstract into two groups of high and low bits according to bits, carrying out logic operation on the two groups of data to obtain corresponding information bit data, obtaining a machine code character string according to hexadecimal coding on the information bit data, and determining the machine code based on the machine code character string.
Further, in step S104, determining the machine code based on the machine code string includes:
taking the machine code character string as the machine code;
Or, converting the machine code character string into a character string in a segmented format by using a plurality of connectors as the machine code.
In one embodiment, the information digital abstract is 32 bytes, the information digital abstract of 32 bytes is divided into two groups of high 128 bits and low 128 bits, 128 bits of data are obtained by exclusive-or of the two groups of information bits, then hexadecimal encoding is carried out to obtain a machine code character string with the length of 32 bits, further, the machine code character string with the length of 32 bits is divided into 5 sections according to 8-4-4-4-12, and 36 character strings are obtained by connecting the middle with '-', for example, 20210914-B07D-64D7-2184-B07D64D72188.
Registration code generation method
The registration code generation method comprises the steps of generating a random elliptic curve key pair (sk, PK), carrying out short signature on a machine code based on a private key sk in the key pair to obtain a corresponding signature value (r, s), and generating the registration code of the software running on the equipment based on the signature value (r, s). Specifically, steps S201 to S204 are included.
S201, generating a random elliptic curve key pair (sk, PK), where pk=sk·g, sk is a private key, PK is a point on the elliptic curve and is a public key, and G is a base point of an elliptic curve parameter. It should be noted that, the private key sk is securely stored by the software developer, and when the registration code needs to be generated, the private key in the random elliptic curve key pair is securely obtained from the software producer.
S202, performing short signature on the machine code based on a private key in the key pair to obtain a corresponding signature value (r, S), wherein the method comprises the following steps:
⑴ Generating a random number k;
⑵ Calculating a point P=k.G on an elliptic curve corresponding to the random number k, wherein G is a base point of the elliptic curve, and the order of G is prime;
⑶ Determining r of a signature value based on the x coordinate of the elliptic curve point P;
⑷ Calculating a digital abstract of the machine code to obtain a characteristic code of the machine code, and carrying out characteristic extraction on the characteristic code
Code conversion to a large integer h;
⑸ Calculating s of a signature value based on h and the private key, wherein s=k -1 (h+sk) mod n, n is the order of a base point G (n is the prime factor of #E (F Q)), and sk is the private key;
⑹ The signature value (r, s) is constructed based on r and s.
S203, splicing the byte streams of the signature values (r, S) to obtain a byte stream which is encoded by Base64 to obtain a displayable character string, and returning to the step S202 to execute again if the obtained displayable character string contains characters "/" or "+", until the displayable character string does not contain characters "/" or "+";
s204, obtaining the registration code based on the displayable character string.
In one embodiment, in the registration code generation process, sk is a large integer of 112 bits, and the length of the random number k is 112 bits.
Further, r of the signature value is determined based on the high 32 bits (or the low 32 bits, or the middle 32 bits of all bits of the coordinates) of the x-coordinate of the elliptic curve point P.
Further, the SHA256 or SM3 algorithm is utilized to calculate the digital abstract for the machine code to obtain the characteristic code of the 256-bit machine code.
Further, the byte streams of the signature values (r, s) are spliced to obtain 18-byte streams, and Base64 coding is adopted to obtain a displayable character string with the length of 24 bits.
Further, the displayable string with 24 bits length is divided into 4 segments in a format of "6-6-6-6", and the segments are connected by a character "-" to obtain the generated registration code, for example MdP qY-m6xZWY-Xc5u91-fWyV v.
According to the registration code generation method based on elliptic curve short signature, the short signature algorithm process innovatively designed by the invention greatly shortens the length of the signature so as to meet the requirement that the registration code is usually smaller than 30 characters, and greatly improves the operation experience of users. According to the embodiment, the machine code is generated based on the hardware information of the software running device and the identification information of the software, and the registration code is generated based on the machine code, so that the hardware binding of the software and the running environment is realized, the problem of copyright protection of the software can be effectively solved, and any illegal copy of the software to unauthorized devices cannot be run.
An embodiment of the invention discloses a registration code verification method based on elliptic curve short signature, which is used for verifying a registration code generated by using the registration code generation method of the invention, and comprises steps S301-S306.
And S301, acquiring a public key PK in the random elliptic curve key pair.
S302, generating a machine code corresponding to the running of the software by the equipment based on the hardware information of the equipment for installing the software and the identification information of the software, wherein the generation process is the same as that of the steps S101-S104.
S303, checking whether the software is registered, if not, requiring to input a registration code to be verified, and if so, reading the registered registration code.
S304, restoring the registration code to be verified to obtain a signature value (r ', S'), wherein the signature value (r ', S') is obtained based on the registration code to be verified, and the corresponding displayable character string is subjected to Base64 decoding to obtain a corresponding byte stream.
S305, verifying the registration code based on the machine code and the signature value (r ', S'), comprising the steps ①~⑥:
① Calculating a digital abstract of the machine code to obtain a feature code of the machine code, and converting the feature code into a large integer h', wherein the step is a corresponding relation with ⑷ of S202, and the length of the feature code of the calculated machine code is equal to the length of the feature code obtained in ⑷ of S202
The same;
② Modulo the large integer h 'to obtain the integer h 1,h1 =h' mod n, where n is n of ⑸ in S202;
③ Calculating a point P 1,P1=h1 G on the elliptic curve corresponding to h 1;
④ Calculating a verification point P 2,P2=s′-1 on an elliptic curve based on the public key of the key pair
(P 1 +pk), wherein s '-1 represents modulo inversion of s';
⑤ Determining r' based on the x coordinate of P 2;
⑥ Comparing whether r and r' are equal, if so, the registration code is legal, otherwise, the registration code is illegal.
S306, if the registration code passes verification, the software is normally entered, otherwise, the registration code input interface is returned.
The registration code generated by the registration code generation method is verified, wherein the registration code is generated by the machine code based on the software running environment through elliptic curve signature, and the private key used for signature is only owned by a software developer, so the registration code cannot be counterfeited and counterfeited, and any attack layout for generating and decoding registration code tool software is futile, thereby effectively realizing copyright protection of the software.
The invention adopts public cipher algorithm for generating and verifying registration codes, the security depends on public key cipher guarantee, the public key cipher algorithm is acknowledged to be safe under the existing computer processing capacity, and the cipher strength is provable to be safe, so the generating method and the verifying method of the invention are safe and effective, and the function that the registration codes are reversely analyzed by hackers to obtain the registration code generating algorithm so as to develop a program for cracking the registration machine is solved. Meanwhile, the invention adopts a short signature algorithm, thereby solving the problem that the registration code form cannot be used due to overlong authorization code generated by the signature algorithm adopting public key cryptography.
System embodiment
The invention discloses a registration code generation and verification system based on elliptic curve short signature, which comprises a machine code generation module, a registration code generation module and a registration code verification module.
Specifically, the machine code generation module is used for generating a machine code corresponding to the running of the software by the equipment based on the hardware information of the equipment for installing the software and the identification information of the software;
the registration code generation module is used for carrying out short signature on the machine code based on a private key sk in the generated random elliptic curve key pair (sk, PK) to obtain a corresponding signature value (r, s);
The registration code verification module is used for verifying the registration code generated by the registration code generation module, and comprises the steps of generating a machine code corresponding to the running software of the equipment based on the hardware information of the equipment for installing the software and the identification information of the software, restoring the registration code to be verified to obtain a signature value (r ', s'), and verifying the registration code to be verified based on the machine code and the signature value (r ', s').
Furthermore, the random elliptic curve key pair can be generated in advance when the software is released, the private key sk is safely stored by a software developer and used for generating a registration code, and the public key PK is used as a verification key parameter of the registration code and preset in a registration code verification module.
Further, to protect the public key PK from replacement, the public key is subjected to a key dispersion algorithm.
Further, the registration code generation module securely obtains the private key of the random elliptic curve key pair from the software manufacturer when generating the registration code.
Further, when the registration code verification module verifies the registration code, the public key PK corresponding to the restored registration code signature is extracted from the public key parameters preset by the registration code verification module through the inverse operation of the key dispersion algorithm.
The registration code generation and verification system based on elliptic curve short signature can prevent a public key from being replaced and attacked by a hacker, so that the hacker cannot extract the correct public key to prevent the correct public key from being replaced, and the security of the registration code is further ensured.
It should be noted that, the above embodiments are based on the same inventive concept, and the description is not repeated, and the description may be referred to each other.
The present invention is not limited to the above-mentioned embodiments, and any changes or substitutions that can be easily understood by those skilled in the art within the technical scope of the present invention are intended to be included in the scope of the present invention.

Claims (9)

1. A registration code generation method based on elliptic curve short signature is characterized by comprising the following steps:
Generating a machine code corresponding to the running of the software by the equipment based on the hardware information of the equipment for installing the software and the identification information of the software;
generating a random elliptic curve key pair (sk, PK), carrying out short signature on a machine code based on a private key sk in the key pair to obtain a corresponding signature value (r, s), generating a random number k and calculating a point P=k.G on an elliptic curve corresponding to k, wherein G is a base point of the elliptic curve, the order of the base point is prime, determining a signature value r based on an x coordinate of the elliptic curve point P, comprising determining a signature value r based on a high 32bit or a low 32bit of the x coordinate of the elliptic curve point P or a middle 32bit of all bits of the coordinates, calculating a digital digest of the machine code to obtain a feature code of the machine code, converting the feature code into a large integer h, calculating s, s=k -1 (h+sk) mod n of the signature value based on h and the private key, wherein n is the order of the base point G, the sk is a large integer of 112 bits, the random number k is 112 bits, and forming the signature value (r, s);
a registration code for the software running on the device is generated based on the signature value (r, s).
2. The registration code generation method of claim 1, wherein generating the registration code for the software to run on the device based on the signature value comprises:
Splicing byte streams of the signature values (r, s) to obtain byte streams, and adopting Base64 coding to obtain displayable character strings, wherein the displayable character strings do not contain characters "/" or "+";
and obtaining the registration code based on the displayable character string.
3. The registration code generating method according to claim 2, wherein the generating a machine code corresponding to the running of the software by the device based on hardware information of the device in which the software is installed and identification information of the software includes:
splicing the hardware information and the identification information into an information character string;
calculating to obtain a corresponding information digital abstract based on the information character string;
dividing the information digital abstract into two groups of high and low bits according to bits, and carrying out logic operation on the two groups of data to obtain corresponding information bit data;
obtaining a machine code character string according to hexadecimal coding of the information bit data;
The machine code is determined based on the machine code string.
4. The registration code generation method according to claim 3, wherein the hardware information includes a hard disk serial number, a CPU serial number, a BIOS number, a network card MAC address;
The identification information comprises a software name, a developer name and a version number;
and calculating to obtain a corresponding information digital abstract based on the information character string by using an SHA256 or SM3 algorithm.
5. A registration code verification method based on elliptic curve short signature, which is characterized by being used for verifying a registration code generated by the registration code generation method according to any one of claims 1 to 4, wherein the registration code verification method comprises the following steps:
Generating a machine code corresponding to the running of the software by the equipment based on the hardware information of the equipment for installing the software and the identification information of the software;
restoring the registration code to be verified to obtain a signature value (r ', s');
the registration code is verified based on the machine code and the signature value (r ', s').
6. The method according to claim 5, wherein the recovering the registration code to be verified to obtain the signature value (r ', s') comprises:
Obtaining a corresponding displayable character string based on the registration code to be verified;
performing Base64 decoding on the corresponding displayable character strings to obtain corresponding byte streams;
a signature value (r ', s') is derived based on the corresponding byte stream.
7. The registration code verification method according to claim 6, wherein the verifying the registration code based on the machine code and the signature value (r ', s') includes:
Calculating a digital abstract of the machine code to obtain a feature code of the machine code, and converting the feature code into a large integer h';
taking a modulus of the large integer h 'to obtain an integer h 1,h1 =h' mod n, wherein n is the order of the base point G;
Calculating a point P 1,P1=h1 G on the elliptic curve corresponding to h 1;
Calculating a verification point P 2,P2=s′-1(P1 +PK on an elliptic curve based on the public key in the key pair, wherein s '-1 represents modulo s' inversion, and PK is the public key in the random elliptic curve key pair;
Determining r' based on the x coordinate of P 2;
Comparing whether r and r' are equal, if so, the registration code is legal, otherwise, the registration code is illegal.
8. A registration code generation and verification system based on elliptic curve short signature, comprising:
the device comprises a machine code generation module, a software generation module and a software generation module, wherein the machine code generation module is used for generating a machine code corresponding to the running of the software by the device based on hardware information of the device for installing the software and identification information of the software;
The registration code generation module is used for carrying out short signature on a machine code based on a private key sk in a generated random elliptic curve key pair (sk, PK) to obtain a corresponding signature value (r, s), generating a registration code for running the software on the equipment based on the signature value (r, s), wherein carrying out short signature on the machine code based on the private key sk in the generated random elliptic curve key pair (sk, PK) to obtain the corresponding signature value (r, s) comprises the steps of generating a random number k and calculating a point P=k.G on a corresponding elliptic curve, wherein G is a base point of the elliptic curve, the order of which is prime number, determining a signature value r based on the x coordinate of the elliptic curve point P, comprising determining a signature value r based on the upper 32bit or the lower 32bit or the middle 32bit of all bits of the coordinate of the x coordinate of the elliptic curve point P, calculating a digital digest on the machine code to obtain a characteristic code of the machine code, converting the characteristic code into a large integer h, calculating the characteristic code based on h and the private key to obtain a point P=k.G, wherein G is a base point of the elliptic curve, the order of which is prime number, the order of which is the x coordinate is the prime number, and the order of which is the base point of the elliptic curve P, and the signature value (k+n) is the integer, the order of which is 112, and the order of which is the base point of the secret key is 112;
The registration code verification module is used for verifying the registration code generated by the registration code generation module, and comprises the steps of generating a machine code corresponding to the running software of the equipment based on the hardware information of the equipment for installing the software and the identification information of the software, restoring the registration code to be verified to obtain a signature value (r ', s'), and verifying the registration code to be verified based on the machine code and the signature value (r ', s').
9. The registration code generation and verification system of claim 8, wherein the registration code generation module securely obtains a private key of the random elliptic curve key pair from a software manufacturer when generating a registration code;
the registration code verification module adopts a key dispersion algorithm to conceal and configure a public key in the random elliptic curve key pair in advance.
CN202411882972.8A 2024-12-19 2024-12-19 A registration code generation and verification method and system based on elliptic curve short signature Active CN119903492B (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202411882972.8A CN119903492B (en) 2024-12-19 2024-12-19 A registration code generation and verification method and system based on elliptic curve short signature

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202411882972.8A CN119903492B (en) 2024-12-19 2024-12-19 A registration code generation and verification method and system based on elliptic curve short signature

Publications (2)

Publication Number Publication Date
CN119903492A CN119903492A (en) 2025-04-29
CN119903492B true CN119903492B (en) 2025-09-02

Family

ID=95469413

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202411882972.8A Active CN119903492B (en) 2024-12-19 2024-12-19 A registration code generation and verification method and system based on elliptic curve short signature

Country Status (1)

Country Link
CN (1) CN119903492B (en)

Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117313045A (en) * 2023-09-28 2023-12-29 苏州体素信息科技有限公司 Software authorization method and system

Family Cites Families (7)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
WO2008085579A2 (en) * 2006-10-25 2008-07-17 Spyrus, Inc. Method and system for deploying advanced cryptographic algorithms
US20090313171A1 (en) * 2008-06-17 2009-12-17 Microsoft Corporation Electronic transaction verification
CN108268779B (en) * 2016-12-30 2022-03-04 航天信息股份有限公司 Processing method and system for carrying out short ciphertext signature on invoice
CN111628868B (en) * 2020-05-26 2021-08-13 腾讯科技(深圳)有限公司 Digital signature generation method and device, computer equipment and storage medium
CN112202568B (en) * 2020-10-09 2022-05-20 天津大学 Software and hardware co-design SM9 digital signature communication method and system
CN116881865A (en) * 2023-08-07 2023-10-13 中科时代(深圳)计算机系统有限公司 A license generation method and system
CN117725563A (en) * 2023-12-18 2024-03-19 福建汇思博数字科技有限公司 Software authorization method and system

Patent Citations (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN117313045A (en) * 2023-09-28 2023-12-29 苏州体素信息科技有限公司 Software authorization method and system

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
基于椭圆曲线数字签名算法的软件注册码方案;陈奇峰;科学技术与工程;20090331;第9卷(第6期);1584-1586 *

Also Published As

Publication number Publication date
CN119903492A (en) 2025-04-29

Similar Documents

Publication Publication Date Title
CN102138300B (en) Application of message authentication code precomputation in secure memory
CN110391914B (en) File acquisition method and equipment based on two-dimensional code and two-dimensional code generation method
CN114614994B (en) Communication method, device, client and storage medium of API (application program interface) data
CN111541542B (en) Request sending and verifying method, device and equipment
CN1439207A (en) Platforms and methods for establishing verifiable identities while maintaining confidentiality
US7020776B2 (en) Cryptosystem based on a Jacobian of a curve
CN116866029B (en) Random number encryption data transmission method, device, computer equipment and storage medium
CN116881865A (en) A license generation method and system
CN1925392A (en) Method for identification of equipment validity
CN117708798A (en) Method and system for controlling blockchain terminal equipment based on cryptography
CN113508380B (en) Methods used for end-entity authentication
CN114978694B (en) Data volume generation method, device, equipment and storage medium based on digital signature
CN114499859A (en) Password verification method, device, device and storage medium
CN119903492B (en) A registration code generation and verification method and system based on elliptic curve short signature
CN120639310A (en) A method, device and equipment for signing and verifying software upgrade packages
CN105873043B (en) Method and system for generating and applying network private key for mobile terminal
CN113194090A (en) Authentication method, authentication device, terminal device and computer readable storage medium
CN119025144A (en) Method, system, device and medium for securely upgrading trusted DCS card program
CN118228210A (en) Software security authentication method, device and storage medium
CN114553566B (en) Data encryption method, device, equipment and storage medium
CN108960385A (en) Two dimensional code generation and verification method and system based on the encryption of multiple code key
CN115238284A (en) Data mining method, device, system and storage medium
CN114915424A (en) Interactive certificate generation method and device, electronic equipment and storage medium
CN114817956A (en) USB communication object verification method, system, device and storage medium
CN115174063B (en) Software license generation, verification method and device

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant