Desgin Of Pe File Encryptor

The world has entered the information age, as the rapid growth of computer networks and Internet, our life has changed a lot. Now, people can just be at home, and sit in front of the computer on the completion of the purchase, transfer, mail and other activities. It is involved in information technology to all aspects of social life, including those relating to national security, political, economic and military situation, as well as some private enterprises and the confidentiality of sensitive information, therefore it has become the main target of hostile countries and a number of computer hackers. The threats and attacks are mainly on two aspects, one is referring the hardware , such as natural disasters, man-made destruction and so on, this situation can avoid by redundant backupingthe information system; For another is the threats and attacks of software, including the leaking of information and damage information, information interception, interception, steal, delete and so on.This raises many new issues of information security, information such as encryption, digital signature authentication. With the proliferation of e-commerce networks, such as the rapid growth of the business, information security has become more and more important. Data Encryption technology is the most basic network security technology. It protect the security through encrypted the information which transmit in the network .To the public key cryptography algorithm, its "security" means a change, that is, it is assumed that analyst needs a very long time from the password encryption to transform computing decryption transform. So there is no harm ,or it is just to be"safe",to open the encrypted transform for us.Public key algorithm is designed to confront against the chosen-plaintext attack , the security co-exist in the difficulty which inferred the private key from public key and the plaintext from the ciphertext, but the majority of the public key algorithm is sensitive to the Chosen-ciphertext attack. As cryptanalysts are in moving towards the analysis of the public key algorithm, they can choose any plaintext to encrypt,that is set to C = Ex (P), they can guess the value of P and easy-to-guess test.It is trouble that if the number of plaintexts is a few small enough to be exhaustive search,but it can be resolved by filling specifically in the random bit string in the plaintext, that is, express the same encryption into different ciphertext.PE (Portable Executable) file is the mainstream executable file format of Windows 95 / NT operating system , it is in detail defined the definition of the PE file format in the header file WINNT. H of WIN32SDK and it is concluded by DOS Sub, PE file header, the block list, block, support Pieces of information, such as parts.RSA encryption using the PE file structure contains three parts: the completion of large numbers RSA operations, the realization of RSA authentication code, modify PE file structure makes implementation of the PE file to run when the first authentication code.PE file encryption and RSA authentication code operation, to achieve the best use of assembly language, but must be used in large numbers RSA operations (RSA1024 is a big integer 1024), compiled with the basic language is not possible, it will be much easier if use a high-level languages.Therefore, high-level language can be used to RSA operation of large numbers of code compiled into a DLL, so that added to the PE file code can be compiled into the DLL, and the implementation of the computing functions of large numbers to achieve RSA authentication.Each treated in the PE file to run, there is need to ensure the implementation of the RSA Authentication DLL. The specific method is to add the DLL as a data file to the new PE, RSA authentication by the ASM code to find the data to generate temporary DLL, and after the completion of the verification it will delete the temporary DLL. The process of RSA's authentication:①the implementation of on-site preservation of the original PE;②to find the rear of the DLL data of PE;③generate temporary DLL files and loading;④to get the information M ' from the authentication of RSA ;⑤comparison input information M, if M = M', then jump Go to Step 6;⑥to remove DLL file, to restore the original implementation of the PE-site procedures and switch to OEP (Original Entry Point), continue to carry out;⑦to delete temporary files from the DLL and exit.This part of the code must be edited in the ASM and compiled into a binary code, in which the re-positioning and AP I need to address in this code, to ensure that the code can be executed directly after the superinduce of the PE file .The process to amend the PE document:①to add a section in the final structure of PE, the size of its RSA authentication for the realization of the ASM compiler generated by the size of the binary code to join the RSA Authentication DLL file size;②to add the binary code which used to realize RSA Verification in the new Section and join the DLL file in the back;③to preserve the OEP (original entry point)of the original PE, to amend the PE to a new entry point increase Sec2tion the beginning of the RVA (relative virtual address);④to modify the header file content of PE to make the new PE file suit the file structure of the PE.This test is aimed at the shortcomings which assembly language is difficult to achieve RSA algorithm for computing the characteristics of large integer and requested additional support that is provided by DLL ,based on the method of Derome, introduced a fast RSA key generation method , it is used of the executable authentication codes which are compiled by high-level language ASM and the method which is combined of DLL file of PE to amend the existing ways to Win32's PE file to achieve RSA1024 even the validation of RSA2048 .It can directly add RSA authentication function to the PE executable file in the situation that the authors do not be required any changes , and do not require Attached DLL file, for the realization of PE file encryption and security has been very good strength.