Research On Some Key Technologies Of Software Security

With the fast development of the software industry and the speedy distribution through the networks, it has become an extremely important problem and attracted increasing atention to protect the security of software products. It is very important to the copyright of software products by analyzing the software's security and finding good methods to increase the security.The hidden troubles of software's security exist in the courses of the designing, issuance and applying. The key source codes and files at developing process face the leakage danger because the use of network; after issueing the software, some codes are easy to decompile because of their own mechanism, for example the Java code file, this provides the advantage to the pirate; farther, there exist the security problem at the communication process of many softwares, especially the process of key agreement, using the method of man-in-the-middle attack, the attackers can easily get the conversation key, and then get the communication data, so the attackers can not only steal the user's important information, but also pirate the software by analyzing the flow of software. Main achievements in this paper are summarized as follows:1. Based on analyzing the existing software obfuscation method, designed an obfuscation scheme used chaos system to control the output of our constructing Opaque Predicates. It increased the complexity by employing the character of a group of indeterminate equations' solutions to construct a family of parametrized opaque predicates; mapped the output of opaque predicates to the dynamic data-struct and used the chaos system to control the process of producing data-struct to disturb the attackers' tracking debug; improved the difficulty of decompile by choosing Knapsack cryptosystems to change the opaque predicates' output to the corresponding judgement. 2. The method that protects Java bytecode by encryption brings two problems, one is the key management and the other is the influence to the code's upgrade. In order to resolve these problems, a security key management using Shamir Threshold algorithm was proposed, and it was implemented on Java ?. The influence to the code's upgrade can be avoided by using different key to different Java bytecode file, then broke up the key into many pseudo-random genes, diffused the genes into the encrypted file by scramble algorithm and exclusive OR operation; Using randomly genes to recover the key at the program running, the probability of using the same genes repeatedly became very small, so the difficulty of tracking the process of producing the key was enhanced. The data of running efficiency was given.3. Another way to encrypt the Java bytecode without hiding much information is also proposed, it divided the file into many parts and encrypted the part with the key that was extracted from the others' information, the key was dynamically extracted when decrypted.4. Based on researching the danger of the software communication and analyzing the man-in-the-middle attack to the remote desktop protocol, a model of security key agreement model using Code Division Multiple Access (CDMA) technique was proposed.5. A system is proposed based on access control, encryption and digital watermark. The system can prevent the leakage of files in intranets. In the system, two digital watermarks are embedded in a file. The first watermark prevents the file to be tampered. The second watermark like a ticket, it denotes the security level of the file. Only the file that is embedded second watermark can be transmitted among intranets and from intranets to internets. The file without the second watermark can't be copied by I/O equipments or transmitted. The file, which first watermark is embedded in, is encrypted before the second watermark is embedded. Thus only the authorized users can decrypt the file and read it.