TWI874230B - Security encryption algorithm identification method and system - Google Patents
Abstract
The present invention is a method and system for identifying a secure encryption algorithm. It mainly comprises: an electronic device on which a software application is installed, containing a storage unit for downloading and storing at least one dynamic link library; a scanning module loaded on the electronic device, which scans the dynamic link library to obtain dynamic link library file name information; a cryptographic dynamic link library list, against which the scanning module compares the dynamic link library file name information to generate at least one secure encryption algorithm library file name information, after which the scanning module links to the secure encryption algorithm library corresponding to that file name information and obtains secure encryption algorithm library version information from the library's metadata; a designated secure encryption algorithm library storage unit holding at least one secure encryption algorithm library equipped with a plug-in, from which the scanning module downloads the plug-in-equipped secure encryption algorithm library according to the file name information and the version information and overwrites the secure encryption algorithm library on the electronic device; and a designated storage unit on the electronic device, which stores a log file generated when the software application calls the plug-in-equipped secure encryption algorithm library.
Description
The present invention relates to a way of identifying and monitoring secure encryption algorithms, and in particular to a method and system for identifying a secure encryption algorithm.
Current software application developers, in order to guarantee the confidentiality and integrity of system data, need to use cryptographic techniques to encrypt data before it is stored or transmitted.
However, if the types of cryptographic algorithms and the way cryptographic techniques are invoked are not understood, or are used improperly, during software application development, security vulnerabilities inevitably arise. Common error types include adopting cryptographic algorithms that have known security problems or insufficient security strength, using a fixed value instead of a random number as the initialization vector of an encryption algorithm, and using cryptographic keys that are not random.
Therefore, knowing which cryptographic algorithms a system is currently using is especially important for information security. The existing practice is to install a monitoring program on the existing system (e.g. Android, iOS). The monitoring program runs in a high-privilege mode and monitors the cryptographic algorithms, so it can influence program execution (modifying the system) as a framework service without modifying the APK file (e.g. the Android installation package); many powerful modules can be built on it and run simultaneously as long as their functions do not conflict, but this relatively easily creates information security risks.
Furthermore, the features that can be identified while a cryptographic algorithm executes are difficult to predict; different system environments, programs or hardware architectures may produce different monitored content at run time, which makes monitoring difficult.
Therefore, how to preserve system information security while monitoring cryptographic algorithms accurately and in real time has become an urgent problem to solve.
The detailed features and advantages of the present invention are described in detail in the embodiments below. The content is sufficient for anyone skilled in the relevant art to understand the technical content of the present invention and implement it accordingly, and from the content disclosed in this specification, the claims and the drawings, anyone skilled in the relevant art can readily understand the related objects and advantages of the present invention.
The main object of the present invention is that, through the stored log file (which includes the name of the software application that called the secure encryption algorithm library, the call time, the name of the called library or the name of the function called within that library, etc.), the secure encryption algorithm library or secure encryption algorithm function chosen by a software application can be determined more accurately.
To achieve the above object, the present invention is a method for identifying a secure encryption algorithm, the steps of which include: a. a scanning module scans at least one dynamic link library in an electronic device and obtains dynamic link library file name information; b. the scanning module compares the dynamic link library file name information against a cryptographic dynamic link library list to generate at least one secure encryption algorithm library file name information; c. the scanning module links to a secure encryption algorithm library, obtains the metadata of that secure encryption algorithm library, and obtains secure encryption algorithm library version information from the metadata; d. the scanning module links to a designated secure encryption algorithm library storage unit that stores a secure encryption algorithm library equipped with a plug-in, downloads the plug-in-equipped secure encryption algorithm library according to the secure encryption algorithm library file name information and the secure encryption algorithm library version information, and has the plug-in-equipped secure encryption algorithm library overwrite the secure encryption algorithm library; and e. when a software application calls the plug-in-equipped secure encryption algorithm library, a log file corresponding to the plug-in-equipped secure encryption algorithm library is generated and stored in a designated storage unit of the electronic device.
According to one embodiment of the present invention, the method further includes step f: a comparison analysis module compares a blacklist against the log file and, based on the comparison result, sends or does not send a notification.
According to one embodiment of the present invention, the log file includes the name of the software application that called the plug-in-equipped secure encryption algorithm library, the call time, the name of the called library or the name of the called function.
A secure encryption algorithm identification system, used to execute the secure encryption algorithm identification method described in item 1 of the scope of the patent application, the identification system comprising: an electronic device on which a software application is installed, containing a storage unit for downloading and storing at least one dynamic link library; a scanning module loaded on the electronic device, which scans the dynamic link library to obtain dynamic link library file name information; a cryptographic dynamic link library list, against which the scanning module compares the dynamic link library file name information to generate at least one secure encryption algorithm library file name information, after which the scanning module links to the secure encryption algorithm library corresponding to that file name information, obtains the metadata of the secure encryption algorithm library and obtains secure encryption algorithm library version information from the metadata; a designated secure encryption algorithm library storage unit holding at least one plug-in-equipped secure encryption algorithm library, from which the scanning module downloads a plug-in-equipped secure encryption algorithm library according to the secure encryption algorithm library file name information and the secure encryption algorithm library version information and overwrites the secure encryption algorithm library on the electronic device; and a designated storage unit on the electronic device, which stores a log file generated when the software application calls the plug-in-equipped secure encryption algorithm library.
According to one embodiment of the present invention, the system further includes a comparison analysis module and a blacklist; the comparison analysis module compares the blacklist information with the log file in the designated storage unit and, based on the comparison result, sends or does not send a notification.
According to one embodiment of the present invention, the log file includes the name of the software application that called the plug-in-equipped secure encryption algorithm library, the call time, the name of the called library or the name of the called function.
1: Electronic device
10: Storage unit
100: Dynamic link library
S1: Dynamic link library file name information
12: Scanning module
M1: Secure encryption algorithm library file name information
13: Cryptographic dynamic link library list
101: Secure encryption algorithm library
20: Plug-in-equipped secure encryption algorithm library
1011: Metadata
M2: Secure encryption algorithm library version information
15: Designated storage unit
16: Comparison analysis module
17: Blacklist
2: Designated secure encryption algorithm library storage unit
3: Software application
a~e: Steps of the secure encryption algorithm identification method
f: Step of comparing against the blacklist
Figure 1 is a flow diagram of the steps of the identification method of the present invention.
Figure 2 is a flow diagram of the steps of the present invention with step f added.
Figure 3 is a block diagram of the present invention downloading the corresponding plug-in-equipped secure encryption algorithm library.
Figure 4 is a block diagram of the present invention having the plug-in-equipped secure encryption algorithm library overwrite the secure encryption algorithm library.
Figure 5 is a block diagram of the log file of the present invention being stored in a unified format.
The embodiments of the present invention are illustrated below by specific examples; those skilled in the art can readily understand other advantages and effects of the present invention from the content disclosed in this specification.
The structures, proportions, sizes and so on drawn in the drawings attached to this specification are used only to accompany the content disclosed in the specification, for the understanding and reading of those skilled in the art; they are not intended to limit the conditions under which the present invention can be implemented and therefore have no substantive technical significance. Any modification of structure, change of proportional relationship or adjustment of size that does not affect the effects the present invention can produce and the objects it can achieve should still fall within the scope covered by the technical content disclosed by the present invention. Likewise, terms such as "one", "two" and "upper" cited in this specification are only for clarity of description and are not intended to limit the scope within which the present invention can be implemented; changes or adjustments of their relative relationships, without substantive change to the technical content, are likewise to be regarded as within the scope in which the present invention can be implemented.
Please refer to Figures 1 and 2, which are the flow diagram of the steps of the identification method of the present invention and the flow diagram of the steps with step f added. The present invention is a method for identifying a secure encryption algorithm, which mainly includes the following steps:
a. A scanning module scans at least one dynamic link library in the electronic device and obtains the dynamic link library file name information.
The scanning module can obtain the file name information with a script or with a software program able to obtain specific file name information. The scanning module scans out the file name information of all dynamic link libraries in the electronic device by file extension, that is, it filters out the file names of files whose extension is .dll, .ocx, .drv, .so and the like. In addition, a file name consists of a base name and an extension; for example, in libssl.so, libssl is the base name and .so is the extension, where libssl is a library used for secure communication that prevents eavesdropping. To explain further, step a. reveals which dynamic link libraries the electronic device has.
b. The scanning module compares the dynamic link library file name information against a cryptographic dynamic link library list to generate at least one secure encryption algorithm library file name information.
The cryptographic dynamic link library list contains the base names of several secure encryption algorithm libraries, such as libssl. The scanning module compares the base names of the secure encryption algorithm libraries included in the cryptographic dynamic link library list with the dynamic link library file name information; where they match, at least one secure encryption algorithm library file name information is generated. For example, if the base name of a secure encryption algorithm library in the cryptographic dynamic link library list is libssl and the dynamic link library file name information contains libssl, then libssl becomes the secure encryption algorithm library file name information; conversely, if the dynamic link library file names do not contain libssl, no secure encryption algorithm library file name information is generated. To explain further, step b. reveals, by way of the cryptographic dynamic link library list, which secure encryption algorithm libraries are among the current dynamic link libraries.
c. The scanning module links to a secure encryption algorithm library, obtains the metadata of the secure encryption algorithm library, and obtains secure encryption algorithm library version information from the metadata.
The scanning module links to the secure encryption algorithm library in the electronic device that corresponds to the secure encryption algorithm library file name information and obtains the version information from its metadata. For example, if the secure encryption algorithm library file name information is libssl, the scanning module links to libssl.dll and obtains the version information from its metadata, such as version 1.01. To explain further, step c yields the version of the secure encryption algorithm library currently used by the electronic device.
d. The scanning module links to a designated secure encryption algorithm library storage unit holding a plug-in-equipped secure encryption algorithm library, downloads a plug-in-equipped secure encryption algorithm library according to the secure encryption algorithm library file name information and the secure encryption algorithm library version information, and has the plug-in-equipped secure encryption algorithm library overwrite the secure encryption algorithm library.
To explain further, taking libssl as the example: after obtaining the file name information libssl and the version information 1.01, the scanning module links to the designated secure encryption algorithm library storage unit and, according to the file name information libssl and the version information 1.01, downloads the corresponding plug-in-equipped secure encryption algorithm library, which in this example is libssl.dll 1.01. The plug-in in the plug-in-equipped secure encryption algorithm library can be a function whose purpose is to make the plug-in-equipped secure encryption algorithm library leave a log file when it executes. After the download, the plug-in-equipped libssl.dll 1.01 overwrites the original libssl.dll 1.01 on the electronic device.
e. When a software application calls the plug-in-equipped secure encryption algorithm library, a log file corresponding to the plug-in-equipped secure encryption algorithm library is generated and stored in the designated storage unit of the electronic device.
The log file contains the name of the software application that called the plug-in-equipped secure encryption algorithm library, the call time, the name of the called library or the name of the called function.
The method further includes step f: a comparison analysis module compares a blacklist against the log file and, based on the comparison result, sends or does not send a notification.
The comparison analysis module is connected to a blacklist and to the designated storage unit; it compares the blacklist information with the log file in the designated storage unit and, based on the comparison result, sends or does not send a notification. The blacklist can be a non-permitted list containing information on encryption algorithms that are not post-quantum cryptography, such as their names and codes. The data integration program collects the log file and compares the called library names or called function names in the log file against the information in the blacklist; if a called library name or called function name matches the non-post-quantum encryption algorithm information in the blacklist, a notification is issued. To explain further, the comparison analysis module uses the blacklist mainly to judge whether the electronic device is using an insecure secure encryption algorithm library, chiefly encryption algorithms that are not post-quantum cryptography.
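As an added example (not the patent's own code), the following Python sketch implements the scanning module's steps a, b and c and the comparison analysis module's step f over a constructed device tree and a constructed log. The cryptographic library list, the METADATA dictionary standing in for the library metadata, the blacklist entries and the log line format are all assumptions; downloading and overwriting the library (steps d and e) are not shown.

```python
"""Added example (not from the patent): scanning module for steps a, b, c and f.
Sample data is constructed; real version metadata would come from the PE
version resource or ELF build strings rather than the METADATA dict below."""
import os
import re
import tempfile
from collections import namedtuple

# Step a: extensions the page lists for dynamic link libraries.
DLL_EXTENSIONS = {".dll", ".ocx", ".drv", ".so"}
# Step b: cryptographic dynamic link library list of base names (constructed sample).
CRYPTO_DLL_LIST = {"libssl", "libcrypto"}
# Step c stand-in: version metadata per base name (constructed sample, an assumption).
METADATA = {"libssl": "3.0.13", "libcrypto": "3.0.13"}
# Step f: blacklist of non-post-quantum algorithm identifiers (constructed sample).
BLACKLIST = {"RSA_public_encrypt", "ECDH_compute_key"}
# One log entry from step e: caller, call time, called library, called function.
CallRecord = namedtuple("CallRecord", "time app lib func")
LOG_LINE = re.compile(r"^(?P<time>\S+) app=(?P<app>\S+) lib=(?P<lib>\S+) func=(?P<func>\S+)$")

def split_name(filename):
    """Step a: split a file name into (base name, extension).
    Versioned Linux names such as libssl.so.3 normalise to ('libssl', '.so')."""
    parts = filename.split(".")
    while len(parts) > 2 and parts[-1].isdigit():  # drop trailing version numbers
        parts.pop()
    if len(parts) < 2:
        return filename, ""
    return ".".join(parts[:-1]), "." + parts[-1]

def scan_libraries(root):
    """Step a: return {file name: path} for every dynamic link library under root."""
    found = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if split_name(name)[1].lower() in DLL_EXTENSIONS:
                found[name] = os.path.join(dirpath, name)
    return found

def identify_crypto_libraries(library_names, crypto_list=CRYPTO_DLL_LIST):
    """Step b: map each crypto-list base name to the scanned file that matches it."""
    hits = {}
    for name in library_names:
        base, _ = split_name(name)
        for candidate in crypto_list:
            # exact base-name match, or a distributor suffix such as libcrypto-3-x64
            if base == candidate or base.startswith(candidate + "-"):
                hits[candidate] = name
    return hits

def library_versions(hits, metadata=METADATA):
    """Step c: version information for each identified library (from METADATA here)."""
    return {base: metadata.get(base, "unknown") for base in hits}

def parse_log(text):
    """Parse the constructed log format; malformed lines are skipped rather than trusted."""
    records = []
    for line in text.splitlines():
        m = LOG_LINE.match(line.strip())
        if m:
            records.append(CallRecord(**m.groupdict()))
    return records

def check_blacklist(records, blacklist=BLACKLIST):
    """Step f: one notification per call whose library or function is on the blacklist."""
    notices = []
    for r in records:
        lib_base, _ = split_name(r.lib)
        if lib_base in blacklist or r.func in blacklist:
            notices.append(f"{r.time} {r.app} called {r.lib}:{r.func} (blacklisted)")
    return notices

SAMPLE_LOG = """\
2024-05-30T10:15:02 app=photo_sync lib=libssl.so.3 func=SSL_write
2024-05-30T10:15:03 app=photo_sync lib=libcrypto.so.3 func=RSA_public_encrypt
2024-05-30T10:15:04 app=notes lib=libcrypto.so.3 func=EVP_EncryptUpdate
garbage line that the parser must ignore
"""

def demo():
    """Build a constructed device tree, run steps a to c and f, and return the results."""
    with tempfile.TemporaryDirectory() as root:
        for rel in ("lib/libssl.so.3", "lib/libcrypto-3-x64.dll", "lib/libz.so", "README.txt"):
            path = os.path.join(root, rel)
            os.makedirs(os.path.dirname(path), exist_ok=True)
            open(path, "wb").close()
        scanned = scan_libraries(root)
    hits = identify_crypto_libraries(scanned)
    notices = check_blacklist(parse_log(SAMPLE_LOG))
    return {"scanned": sorted(scanned), "hits": hits,
            "versions": library_versions(hits), "notices": notices}
```

Calling demo() returns the scanned library names, the matched crypto libraries with their versions, and one notification for the RSA_public_encrypt call in the sample log.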
Following the steps of the secure encryption algorithm identification method described above, and with reference to Figures 3, 4 and 5, which are the block diagram of the present invention downloading the corresponding plug-in-equipped secure encryption algorithm library, the block diagram of the plug-in-equipped secure encryption algorithm library overwriting the secure encryption algorithm library, and the block diagram of the comparison analysis module comparing the blacklist information with the log file information and sending a notification:
The secure encryption algorithm identification system of the present invention is used to execute the secure encryption algorithm identification method. In the system, the electronic device 1 is for installing the software application 3 and contains a storage unit 10 for downloading and storing at least one dynamic link library 100; a scanning module 12 loaded on the electronic device 1 scans the dynamic link library 100 to obtain dynamic link library file name information S1.
The scanning module 12 is data-linked to the cryptographic dynamic link library list 13 and to the storage unit 10; the scanning module 12 compares the dynamic link library file name information S1 in the storage unit 10 against the cryptographic dynamic link library list 13 to generate at least one secure encryption algorithm library file name information M1.
The scanning module 12 is data-linked to a secure encryption algorithm library 101, obtains the metadata 1011 of the secure encryption algorithm library 101 and obtains from the metadata 1011 a secure encryption algorithm library version information M2; here the scanning module 12 links to the secure encryption algorithm library in the electronic device 1 that corresponds to the secure encryption algorithm library file name information M1, and the secure encryption algorithm library 101 is one or more of the dynamic link libraries 100.
Then the scanning module 12 links to the designated secure encryption algorithm library storage unit 2, which holds at least one plug-in-equipped secure encryption algorithm library 20, downloads that plug-in-equipped secure encryption algorithm library 20 according to the secure encryption algorithm library file name information M1 and the secure encryption algorithm library version information M2, and has the plug-in-equipped secure encryption algorithm library 20 overwrite the secure encryption algorithm library 101.
When the software application 3 calls the plug-in-equipped secure encryption algorithm library 20, a log file corresponding to the plug-in-equipped secure encryption algorithm library 20 is generated and stored in the designated storage unit 15 of the electronic device; the log file contains the name of the software application that called the plug-in-equipped secure encryption algorithm library, the call time, the name of the called library or the name of the called function. In addition, a comparison analysis module 16 is linked to a blacklist 17 and to the designated storage unit 15; the comparison analysis module 16 compares the blacklist 17 information with the log file in the designated storage unit 15 and, based on the comparison result, sends or does not send a notification.
From the above it can be seen that, through the stored log file (including the name of the software application that called the plug-in-equipped secure encryption algorithm library, the call time, the name of the called library or the name of the called function), the secure encryption algorithm library or secure encryption algorithm function chosen by the software application can be determined more accurately, and a notification can be issued for the use of an insecure encryption algorithm.
The above embodiments are only illustrative of the principle and effects of the present invention and are not intended to limit it. Anyone skilled in the art may modify the above embodiments without departing from the spirit and scope of the present invention. The scope of protection of the present invention should therefore be as listed in the claims set out below.
Claims (6)
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| TW113120055A TWI874230B (en) | 2024-05-30 | 2024-05-30 | Security encryption algorithm identification method and system |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| TWI874230B true TWI874230B (en) | 2025-02-21 |
| TW202546675A TW202546675A (en) | 2025-12-01 |
Family
ID=95557537
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| TW113120055A TWI874230B (en) | 2024-05-30 | 2024-05-30 | Security encryption algorithm identification method and system |
Country Status (1)
| Country | Link |
|---|---|
| TW (1) | TWI874230B (en) |
Citations (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| TW583568B (en) * | 2001-08-27 | 2004-04-11 | Dataplay Inc | A secure access method and system |
| US7818215B2 (en) * | 2004-02-15 | 2010-10-19 | Exbiblio, B.V. | Processing techniques for text capture from a rendered document |
| TW201342033A (en) * | 2012-01-07 | 2013-10-16 | 宏碁雲端技術公司 | Remote wakeup method |
| TW201642135A (en) * | 2015-05-20 | 2016-12-01 | Alibaba Group Services Ltd | File detection method, device and system |
| TW201804354A (en) * | 2016-07-19 | 2018-02-01 | 資富電子股份有限公司 | Storage device, data protection method therefor, and data protection system |