基于白盒密码的移动应用安全研究
发布时间:2019-04-08 11:11
【摘要】:随着智能终端的飞速发展,移动应用深入人们的生活当中,同时移动应用所面临的安全问题也日趋严重,已经成为信息安全领域关注的新重点。在移动应用安全的解决方案当中,密码算法仍然是核心技术,但密码算法在移动终端的使用过程中面临着诸多的困境。白盒密码理论的提出为解决这一问题提供了新思路,但白盒密码在应用过程中,存在效率低、空间占用大和缺乏实际应用案例等诸多问题,需要研究及解决。本论文主要围绕白盒密码理论开展研究,从白盒密码算法的实现及优化和基于白盒密码的Android应用加固系统的设计与实现两个方面研究了白盒密码算法及其在移动应用安全中的问题。主要工作和成果体现在以下两个方面:1)深入研究白盒密码算法的实现以及执行过程,针对实现中的特点提出相应的算法设计优化思路;同时针对整个算法实现提出了系统优化方法,最后针对x86平台以及ARM平台的特性,使用SSE2指令集以及NEON技术完成指令级优化,将Xiao提出的白盒AES算法的执行时间效率提升到可实用的范围以内。2)探讨了白盒密码在移动应用保护中存在的问题,并提出了相应的解决方案,设计并实现了基于白盒密码算法的Android应用加固系统,白盒密码的应用,提升了被加固应用的安全性。使被加固的应用更好的抵抗静态分析以及动态破解等攻击。
[Abstract]:With the rapid development of intelligent terminals, mobile applications go deep into people's lives. At the same time, the security problems faced by mobile applications are becoming more and more serious, which has become a new focus in the field of information security. In the solution of mobile application security, cryptographic algorithm is still the core technology, but the cryptographic algorithm is faced with many difficulties in the process of using mobile terminal. The white box cryptography theory provides a new way to solve this problem, but in the application of white box cryptography, there are many problems, such as low efficiency, large space occupation and lack of practical application cases, which need to be studied and solved. This thesis mainly focuses on the white-box cryptography theory. The implementation and optimization of white-box cryptography algorithm and the design and implementation of Android application reinforcement system based on white-box cipher are studied in this paper. The white-box cryptography algorithm and its problems in mobile application security are studied. The main work and achievements are as follows: 1) the implementation and execution process of the white-box cipher algorithm are deeply studied, and the corresponding algorithm design optimization ideas are put forward according to the characteristics of the implementation; At the same time, aiming at the realization of the whole algorithm, the system optimization method is put forward. Finally, according to the characteristics of x86 platform and ARM platform, the instruction level optimization is accomplished by using SSE2 instruction set and NEON technology. The execution time efficiency of the white-box AES algorithm proposed by Xiao is raised to a practical range. 2) the problems existing in the protection of white-box cryptography in mobile applications are discussed, and the corresponding solutions are put forward. The Android application reinforcement system based on white-box cipher algorithm is designed and implemented. The application of white-box cipher improves the security of the strengthened application. The reinforced application is better resistant to static analysis and dynamic cracking.
【学位授予单位】:北京邮电大学
【学位级别】:硕士
【学位授予年份】:2016
【分类号】:TP309
[Abstract]:With the rapid development of intelligent terminals, mobile applications go deep into people's lives. At the same time, the security problems faced by mobile applications are becoming more and more serious, which has become a new focus in the field of information security. In the solution of mobile application security, cryptographic algorithm is still the core technology, but the cryptographic algorithm is faced with many difficulties in the process of using mobile terminal. The white box cryptography theory provides a new way to solve this problem, but in the application of white box cryptography, there are many problems, such as low efficiency, large space occupation and lack of practical application cases, which need to be studied and solved. This thesis mainly focuses on the white-box cryptography theory. The implementation and optimization of white-box cryptography algorithm and the design and implementation of Android application reinforcement system based on white-box cipher are studied in this paper. The white-box cryptography algorithm and its problems in mobile application security are studied. The main work and achievements are as follows: 1) the implementation and execution process of the white-box cipher algorithm are deeply studied, and the corresponding algorithm design optimization ideas are put forward according to the characteristics of the implementation; At the same time, aiming at the realization of the whole algorithm, the system optimization method is put forward. Finally, according to the characteristics of x86 platform and ARM platform, the instruction level optimization is accomplished by using SSE2 instruction set and NEON technology. The execution time efficiency of the white-box AES algorithm proposed by Xiao is raised to a practical range. 2) the problems existing in the protection of white-box cryptography in mobile applications are discussed, and the corresponding solutions are put forward. The Android application reinforcement system based on white-box cipher algorithm is designed and implemented. The application of white-box cipher improves the security of the strengthened application. The reinforced application is better resistant to static analysis and dynamic cracking.
【学位授予单位】:北京邮电大学
【学位级别】:硕士
【学位授予年份】:2016
【分类号】:TP309
【参考文献】
相关期刊论文 前6条
1 林婷婷;来学嘉;;白盒密码研究[J];密码学报;2015年03期
2 李侠;;Android操作系统安全机制研究[J];电脑知识与技术;2014年06期
3 陈佳康;李晖;王s,
本文编号:2454527
本文链接:https://www.wllwen.com/kejilunwen/ruanjiangongchenglunwen/2454527.html
