USB Key安全浅析

1 The HASP-HL Crack SolutionHASP-HL is the current protection hardware by Aladdin Knowledge Systems. This document explains how to crack and bypass the security of HASP-HL – “their so-called Next Generation of Software Protection”.2 HASP-HL EnvelopeThe envelope encryption is done via a graphical user interface as shown in Figure 1. The encryption options are set by default to provide a high level of security. The selection of additional options (more encryption/anti debug modules, detection of user mode and system mode debuggers) has no influence on the analysis and mainly increases the size of the resulting executable and the startup time. Within the analysis there are no noticeable effects of these additional settings.Figure 1 Automatic encryption window of HASP-HLThe Encryption itself encrypts code and data. Resources are not encrypted even if the resource section is included in the list of sections to be encrypted. The Import Address Table (IAT) is encrypted and some APIs are redirected to the security engine (see also the detailed list of the redirected 633 APIs in the appendix). For the runtime check a separate thread is initiated. Anti debugging measures are in place which are mainly active at program startup time. Once the Security engine has decrypted the program it can be dumped to disk. After the IAT of the dump is restored and the program is reset to the Original Entry Point (OEP) the executable can be run without the HASP-HL.2.1 Locating the Original Entry Point (OEP)The OEP can be located using the standard hacker tool OllyDbg. Due to anti-debug measures some hardening of the debugger is required.2.1.1 Installing OllyDbg and the necessary pluginsOllyDbg is copied into a separate directory. There is no dedicated installation necessary. OllyDbg can be obtained from various websites including the homepage of OllyDbg:http://www.ollydbg.de/The current version 1.10 is the preferred version.To analyze HASP-HL it is necessary to install two plugins into OllyDbg: IsDebuggerPresent and OllyDump. These plugins are available from:/stuph/The plugins are simply copied into the same directory as OllyDbg.2.1.2 Hardening OllyDbgOllyDbg will be recognized by one of the several text references to OllyDbg inside the code. The usual way to evade this kind of debugger detection is to replace all occurrences of the string OllyDbg inside the executable to something else with the same length. Also the filename of the executable should be changed to this alternate name. Due to the structure of the plugins it is necessary to keep an original copy of OllyDbg in the same directory as the modified version. The string replacement can be done with any usual hex-editor.2.1.3 Setting the optionsStart the hardened OllyDbg (here for simplicity still referenced as OllyDbg) and choose from the menu Options / Debugging Options. In the options dialog select the SFX-tab and select “Extend code section to include extractor”, “Stop at entry of self-extractor”, and “Pass exceptions to SFX extractor” as shown in Figure 2.Figure 2: OllyDbg SFX DialogAs shown in Figure 3, in the tab Exceptions select mostly everything that can be selected. This will disarm some anti-debugging involving illegal opcodes, illegal memory accesses, and some more.Figure 3: OllyDbg Exceptions Dialog2.1.4 Tracing the OEPNow load the protected application into the debugger using the File / Open from the menu. Be sure to have the original HASP-HL dongle attached to the computer when loading the program. After a short analysis and two warnings about encrypted programs etc. the debugger should halt on the entry point of the application. Turn on the debugger hiding by selecting “Plugins / IsDebuggerPresent / Hide”. Alternatively you can set the “autohide” in Options Menu of the IsDebuggerPresent plugin. Switch to the hexdump section and go to the address of “ExitProcess” in Kernel32. To go to this Address use “<Ctrl> G” or the context menu. The entered Address is case sensitive. Select left topmost byte with the left mouse button. Then set a hardware breakpoint by clicking right, choosing “Breakpoint / Hardware on write / Byte”. Now run the program using <F9> until it hits the breakpoint. Switch to the memory window by hitting “<Alt> M” or selection “View / Memory” from the menu and highlight the code section (usually named “text”) of the protected program by left clicking it. Set a breakpoint on the section with <F2>. Your screen should look somewhat like Figure 4.Figure 4: OllyDbg with Breakpoint on code sectionIf you <F9> (Run) now the Debugger will put the program at the Original Entry Point (OEP). To get the relative entry point from the module start the module base (address of PE header) from the “Memory” window has to be subtracted. In this case 1,000,000. This OEP is needed in the next steps. Please leave the window open as it is still needed for the dump.2.2 Dumping the ExecutableOnce the program is halted at the Original Entry Point (OEP) the program can be dumped to disk. To do this click right into the disassembler window and select “Dump debugged process”. A dialog pops up in which you can save the program to disk. Please uncheck the “Rebuild Import” checkbox as this will not work correctly in this case. The entry point should be set automatically to the correct OEP. Otherwise please correct. The other setting should not be changed from the default values.2.3 Rebuilding the ExecutableTo rebuild the executable it is necessary to create a new Import Address Table (IAT). The original table has been destroyed by the encryptor and the links are rebuilt in real-time by the startup code of the protection engine. The rebuilding process can be managed using another standard hacker tool (Import Reconstructor, ImpRec).2.3.1 Installing ImpRecImpRec can be obtained from a number of pages including/mackt/projects/imprec/ucfir16f.zipImpRec does not require a dedicated installation. To install it copy it into an appropriate directory.Be sure to select the Option “Fix EP to OEP” in the options menu (Figure 5)Figure 5: ImRec Options Menu2.3.2 Rebuilding the IATStart the protected application. Once it is running start ImpRec. If ImpRec is running at program startup it will be detected as a Debugger. Do not forget to connect the dongle.Attach ImpRec to the running process by selecting the correct entry in the drop down list.Enter the OEP calculated above and hit the button “IAT AutoSearch”. The button “Get Imports” delivers the list of imported APIs with still some entries invalid. To see the invalid entries hit the button “Show Invalid”. This should result in a list similar to the list below (Figure 6) with some entries (in this case 74) are highlighted. As the following process might involve some iterations hit the “Save Tree” and store the results found so far in a text file. After restarting ImpRec and re-attaching to the executable this file can be loaded using “Load Tree”.Figure 6: ImpRec invalid entriesNow right click on an invalid API and select “Trace Level3 (Trap Flag)”. ImpRec should now resolve the invalid APIs one by one. Eventually the protected application will terminate or ImpRec is “unable to initialize the tracer”. In this case save the tree again, exit ImpRec, restart the application, restart ImpRec, Attach to the process, load the tree, hit “Show Invalid”, and manually deselect the first invalid entry (<Ctrl> <left click>) to stop ImpRec from resolving this entry again. If you have to restart multiply, you should successively deselect all problematic entries. With HASP-HL 1.20 there should be a maximum of 3 different problematic entries (out of several hundred redirected entries). The problematic entries are:1.GetVersion2.GetProcAddress3.ExitProcess2.3.3 Resolving the problematic 3 entriesResolving these three entries requires either a little trial and error or a short debugging session. For the invalid entries ImpRec offers the Address to which the API has been redirected. In the example below (Figure 7) it would be the address “011D368”. In a new debugger session (the old one will be detected as a debugger session because of the long delay) the address should be entered as a hardware breakpoint by calling <Ctrl G> in the disassembler window and than setting a hardware breakpoint on execution using a right click. A hardware breakpoint is needed here as the code has still to be decrypted. If a breakpoint occurs a short inspection reveals the correct entry. “GetVersion” is usually called at the beginning. “GetProcAddress” has the Address of an API and a module handle on the stack (lower right in the CPU windows, see Figure 8, were the entry “RegisterPenApp” and a reference to kerner32 is passed on the stack). “ExitProcess” is called to terminate the program. In Delphi-applications some of these APIs can be referenced multiply. If all APIs have been identified they can be entered in ImpRec by double clicking the respective invalid API. A list of possible APIs pops up and the correct one can be selected (see Figure 9). This leads to a completed import tree.Figure 7: Address of redirected functionFigure 8: Resolving additional APIsFigure 9: Selecting a resolved API2.3.4 Fixing the executableAfter all invalid entries have been fixed the dump can be adjusted to contain the correct OEP and a correct IAT. To fix the executable it is positively necessary to have ImpRec attached to the running program. Again due to debugger detection ImpRec has to be started after the protected program. If necessary load the completed tree file. Now hit the button “FixDump” and select the dump created in step 2.2 using OllyDebug. The new executable will contain an appended underscore and should be able to be run without a HASP-HL dongle.3 ConclusionThe automatic protection by HASP-HL from Aladdin knowledge systems provides a limited protection that can be removed with some experience and prior knowledge within a few minutes of time. If no dongle is available a restoration is not possible due to the encryption. The large number of redirected APIs (up to several hundred) and the considerable number of anti-debugging modules (50) seems to provide absolutely no security. Even after a closer look the purpose of the anti-debugging modules is unclear as they show no effect at all. The large number of redirects can be reduced to 3 by use of automatic tools. Here too the reason for the large number remains unclear as it has no effect on the security.4 Appendices4.1 List of redirected APIsSome APIs that are redirected by HASP-HL 1.20 are identified and are listed here for completeness4.1.1 Kernel32.dllkernel32.dll, WriteTapemark, WriteProcessMemory, WritePrivateProfileStructW, WritePrivateProfileStructA, WritePrivateProfileStringW, WritePrivateProfileStringA, WriteFileEx, WriteFile, WriteConsoleOutputW, WriteConsoleOutputCharacter, WriteConsoleOutputAttribute, WinExec, WideCharToMultiByte, WaitNamedPipeW, WaitNamedPipeA, WaitForDebugEvent, WaitCommEvent, VirtualUnlock, VirtualQueryEx, VirtualQuery, VirtualProtectEx, VirtualProtect, VirtualLock, VirtualFreeEx, VirtualFree, VirtualAlloc, VerifyVersionInfoA, VerSetConditionMask, VerLanguageNameA, UpdateResourceW, UpdateResourceA, UnlockFileEx, UnlockFile, TransmitCommChar, SystemTimeToFileTime, SuspendThread, SetupComm, SetWaitableTimer, SetVolumeLabelA, SetThreadPriorityBoost, SetThreadPriority, SetThreadExecutionState, SetThreadAffinityMask, SetTapePosition, SetTapeParameters, SetSystemTimeAdjustment, SetSystemTime, SetStdHandle, SetProcessWorkingSetSize, SetProcessPriorityBoost, SetPriorityClass, SetNamedPipeHandleState, SetMailslotInfo, SetLocaleInfoA, SetLocalTime, RestoreLastError, SetHandleInformation,SetFirmwareEnvironmentVaria, SetFileValidData, SetFileTime, SetFileShortNameW, SetFilePointerEx, SetFilePointer, SetFileAttributesW, SetErrorMode, SetEnvironmentVariableW, SetEnvironmentVariableA, SetEndOfFile, SetCurrentDirectoryW, SetComputerNameW, SetComputerNameA, SetCommTimeouts, SetCommState, SetCommMask, SetCommConfig, SearchPathW, SearchPathA, ScrollConsoleScreenBufferW, ScrollConsoleScreenBufferA, ResumeThread, ResetWriteWatch, RemoveDirectoryW, ReadProcessMemory, ReadFileEx, ReadDirectoryChangesW, ReadConsoleW, ReadConsoleOutputW, ReadConsoleOutputCharacterW, ReadConsoleOutputAttribute, ReadConsoleOutputA, ReadConsoleA, RaiseException, QueueUserAPC, QueryPerformanceFrequency, QueryPerformanceCounter, QueryDosDeviceA, QueryDepthSList, PurgeComm, ProcessIdToSessionId, PrepareTape, OutputDebugStringW, OpenWaitableTimerW, OpenWaitableTimerA, OpenThread, OpenSemaphoreW, OpenSemaphoreA, OpenProcess, OpenMutexW, OpenMutexA, OpenFileMappingW, OpenFileMappingA, OpenEventW, OpenEventA, MultiByteToWideChar, MapViewOfFileEx, MapViewOfFile, LockFileEx, LockFile, LocalReAlloc, LocalLock, LocalFree, LocalAlloc, LCMapStringW, LCMapStringA, IsValidLocale, HeapWalk, HeapValidate, HeapUnlock, HeapSize, HeapSetInformation, HeapReAlloc, HeapQueryInformation, HeapLock, HeapFree, HeapDestroy, HeapCreate, HeapCompact, HeapAlloc, GlobalWire, GlobalUnfix, GlobalUnWire, GlobalMemoryStatusEx, GlobalMemoryStatus, GlobalFix, GetWriteWatch, GetVersionExA, GetVersion, GetUserGeoID, GetUserDefaultLCID, GetTimeFormatW, GetTimeFormatA, GetThreadTimes, GetThreadSelectorEntry, GetThreadPriorityBoost, GetThreadPriority, _hwrite, GetTempPathA, GetTempFileNameW, GetTempFileNameA, GetTapePosition, GetTapeParameters, GetSystemWindowsDirectoryA, GetSystemTimeAdjustment, GetSystemTime, GetSystemPowerStatus, GetSystemInfo, GetSystemDirectoryA, GetStringTypeExW, GetStringTypeExA, GetStringTypeA, GetQueuedCompletionStatus, GetProfileStringW, GetProfileStringA, GetProcessWorkingSetSize, GetProcessTimes, GetProcessPriorityBoost, GetProcessId, GetProcessHeaps, GetProcessAffinityMask, GetProcAddress, GetPrivateProfileStructW, GetPrivateProfileStructA, GetPrivateProfileStringW, GetPrivateProfileStringA, GetPrivateProfileSectionW, GetPrivateProfileSectionA, GetPrivateProfileIntW, GetPrivateProfileIntA, GetPriorityClass, GetNumberFormatA, GetNumaHighestNodeNumber, GetNamedPipeInfo, GetNamedPipeHandleStateW, GetNamedPipeHandleStateA, GetModuleHandleW, GetModuleFileNameA, GetMailslotInfo, GetLogicalDrives, GetLogicalDriveStringsW, GetLogicalDriveStringsA, GetLocaleInfoA, GetLocalTime, GetHandleInformation, GetFullPathNameA, GetFirmwareEnvironmentVaria, GetFileType, GetFileTime, GetFileSizeEx, GetFileSize, GetFileAttributesW, GetFileAttributesExW, GetExitCodeThread, GetExitCodeProcess, GetEnvironmentVariableW, GetEnvironmentVariableA, GetEnvironmentStrings, GetDriveTypeW, GetDiskFreeSpaceW, GetDiskFreeSpaceExW, GetDiskFreeSpaceExA, GetDiskFreeSpaceA, GetDevicePowerState, GetDateFormatW, GetDateFormatA, GetCurrencyFormatW, GetCurrencyFormatA, GetComputerNameW, GetComputerNameA, GetCompressedFileSizeW, GetCommTimeouts, GetCommState, GetCommProperties, GetCommModemStatus, GetCommMask, GetCommConfig, GetCPInfoExA, GetBinaryType, FormatMessageW, FormatMessageA, FoldStringW, FoldStringA, FlushViewOfFile, FlushInstructionCache, FlushFileBuffers, FindNextFileA, FindFirstFileExW, FindFirstFileExA, FindFirstFileA, FindFirstChangeNotification, FillConsoleOutputCharacterW, FillConsoleOutputAttribute, FileTimeToSystemTime, FileTimeToDosDateTime, FatalAppExitW, FatalAppExitA, ExpandEnvironmentStringsW, ExpandEnvironmentStringsA, ExitProcess, EscapeCommFunction, EraseTape, EndUpdateResourceW, DosDateTimeToFileTime, DisconnectNamedPipe, DeleteFileW, DeleteFiber, DefineDosDeviceW, DefineDosDeviceA, DebugSetProcessKillOnExit, CreateWaitableTimerA, CreateThread, CreateTapePartition, CreateSemaphoreW, CreateSemaphoreA, CreateProcessW, CreateProcessA, CreatePipe, CreateNamedPipeW, CreateNamedPipeA, CreateMutexW, CreateMutexA, CreateMailslotW, CreateMailslotA, CreateIoCompletionPort, CreateFileW, CreateFileMappingW, CreateFileMappingA, CreateFileA, CreateFiberEx, CreateEventW, CreateEventA, CreateDirectoryW, CreateDirectoryExA, CopyFileExA, CopyFileA, ContinueDebugEvent, ConnectNamedPipe, CompareStringW, CompareStringA, ClearCommError, CancelIo, CallNamedPipeA, BuildCommDCBW, BuildCommDCBAndTimeoutsW, BuildCommDCBA, BeginUpdateResourceW, BeginUpdateResourceA, Beep, BackupWrite, BackupSeek, BackupRead, _hread, _hwrite, lstrcmpi, CreateWaitableTimerW4.1.2 User32.dllIsCharAlphaW, IsCharAlphaNumericW, IsCharAlphaNumericA, IsCharAlphaA, InsertMenuW, InsertMenuItemW, InsertMenuItemA, InsertMenuA, GrayStringW, GrayStringA, GetWindowThreadProcessId, GetUserObjectSecurity, GetUserObjectInformationA, GetThreadDesktop, GetTabbedTextExtentW, GetTabbedTextExtentA, GetMessageW, GetMessageA, GetMenuStringW,GetMenuStringA, GetMenuItemInfoW, GetMenuItemInfoA, GetKeyboardType, GetKeyboardLayoutNameW, GetDlgItemTextW, GetClipboardData, GetClassNameW, GetClassInfoW, GetClassInfoExW, GetClassInfoExA, GetClassInfoA, FillRect, ExitWindowsEx, EnableMenuItem, DrawTextW, DrawTextExW, DrawTextExA, DrawTextA, DrawStateW, DrawStateA, DrawIconEx, DrawEdge, DlgDirSelectExA, DlgDirSelectComboBoxExA, DlgDirListW, DlgDirListComboBoxW, DialogBoxParamW, DialogBoxParamA, DialogBoxIndirectParamW, DialogBoxIndirectParamA, DefFrameProcW, DefFrameProcA, CreateWindowStationW, CreateWindowStationA, CreateWindowExW, CreateWindowExA, CreateMDIWindowW, CreateMDIWindowA, CreateIconFromResourceEx, CreateIcon, CreateDialogParamW, CreateDialogParamA, CreateDialogIndirectParamW, CreateDialogIndirectParamA, CreateDesktopW, CreateDesktopA, CreateCursor, CopyImage, CopyIcon, CheckMenuRadioItem, CheckMenuItem, CharUpperW, CharUpperBuffA, CharUpperA, CharToOemBuffW, IsCharUpperA, CharPrevW, CharPrevExA, CharPrevA, CharNextW, CharLowerW, CharLowerBuffA, CharLowerA, ChangeMenuW, ChangeMenuA, IsCharLowerA, ChangeDisplaySettingsExA, CascadeWindows, CallWindowProcW, CallWindowProcA, CallNextHookEx, CallMsgFilterW, CallMsgFilter, BroadcastSystemMessageW, BroadcastSystemMessage, AppendMenuW, AppendMenuA, MessageBoxExW, MessageBoxIndirectA, MessageBoxIndirectW, ModifyMenuA, ModifyMenuW, MsgWaitForMultipleObjects, MsgWaitForMultipleObjectsEx, OemToCharBuffW, OpenClipboard, OpenDesktopA, OpenDesktopW, OpenWindowStationA, OpenWindowStationW, PeekMessageA, PeekMessageW, PostMessageA, PostMessageW, PostThreadMessageA, RegisterClassA, RegisterClassW, RegisterClipboardFormatA, RegisterClipboardFormatW, RegisterClipboardFormatA, RegisterClipboardFormatW, RemovePropA, RemovePropW, ScrollDC, ScrollWindow, ScrollWindowEx, SendDlgItemMessageA, SendDlgItemMessageW, SendMessageA, SendMessageCallbackA, SendMessageCallbackW, SendMessageTimeoutA, SendMessageTimeoutW, SendMessageW, SendNotifyMessageA, SendNotifyMessageW, SetClassLongA, SetClassLongW, SetClipboardData, SetDlgItemInt, SetMenuItemBitmaps, SetMenuItemInfoA, SetMenuItemInfoW, SetPropA, SetPropW, SetRect, SetScrollPos, SetScrollRange, SubtractRect, TabbedTextOutA, TabbedTextOutW, TileWindows, ToAscii, ToAsciiEx, ToUnicode, ToUnicodeEx, TrackPopupMenu, UnionRect, UnregisterClassA, UnregisterClassW, VkKeyScanA, VkKeyScanExA, WaitForInputIdle, WinHelpA, WinHelpW, keybd_event, mouse_event, wvsprintfA, wvsprintfW, IsCharUpperW, IsDialogMessageW, LoadBitmapA, LoadCursorA, LoadCursorFromFileA, LoadIconA, LoadImageA, LoadImageW, LoadKeyboardLayoutA, LoadMenuIndirectA, LoadMenuIndirectA, ChangeDisplaySettingsExW, IsCharLowerW, LoadStringA, LookupIconIdFromDirectoryEx, MapVirtualKeyExA, MessageBoxExA4.1.3 Advapi32.dllSetFileSecurityW, SetFileSecurityA, RevertToSelf, RegisterEventSourceW, RegisterEventSourceA, RegUnLoadKeyW, RegUnLoadKeyA, RegSetValueW, RegSetValueA, RegSetKeySecurity, RegSaveKeyW, RegSaveKeyExW, RegSaveKeyExA, RegSaveKeyA, RegRestoreKeyW, RegRestoreKeyA, RegReplaceKeyW, RegReplaceKeyA, RegQueryValueW, RegQueryValueExW, RegQueryValueExA, RegQueryValueA, RegQueryMultipleValuesW, RegQueryMultipleValuesA, RegQueryInfoKeyW, RegQueryInfoKeyA, RegOpenUserClassesRoot, RegOpenKeyExW, RegOpenKeyExA, RegNotifyChangeKeyValue, RegLoadKeyW, RegLoadKeyA, RegGetKeySecurity, RegFlushKey, RegEnumValueW, RegEnumValueA, RegEnumKeyW, RegEnumKeyExW, RegEnumKeyExA, RegEnumKeyA, RegDeleteValueW, RegDeleteValueA, RegDeleteKeyW, RegDeleteKeyA, RegCreateKeyExW, RegCreateKeyExA, RegCreateKeyA, RegConnectRegistryW, RegConnectRegistryA, ReadEventLogW, ReadEventLogA, PrivilegedServiceAuditAlarm, PrivilegeCheck, OpenEventLogW, OpenEventLogA, OpenEncryptedFileRawA, OpenBackupEventLogW, OpenBackupEventLogA, ObjectPrivilegeAuditAlarmW, ObjectPrivilegeAuditAlarmA, ObjectOpenAuditAlarmW, ObjectOpenAuditAlarmA, ObjectDeleteAuditAlarmW, ObjectDeleteAuditAlarmA, ObjectCloseAuditAlarmW, ObjectCloseAuditAlarmA, MakeAbsoluteSD, LookupPrivilegeValueW, LookupPrivilegeValueA, LookupPrivilegeNameW, LookupPrivilegeNameA, LookupPrivilegeDisplayNameW, LookupAccountSidW, LookupAccountSidA, LookupAccountNameW, LookupAccountNameA, LogonUserW, LogonUserExW, LogonUserExA, LogonUserA, IsTokenUntrusted, IsTokenRestricted, InitiateSystemShutdownW, InitiateSystemShutdownExW, InitiateSystemShutdownExA, InitiateSystemShutdownA, ImpersonateNamedPipeClient, ImpersonateLoggedOnUser, GetTokenInformation, GetSecurityDescriptorSacl, GetSecurityDescriptorOwner, GetSecurityDescriptorGroup, GetSecurityDescriptorDacl, GetPrivateObjectSecurity, GetKernelObjectSecurity, GetFileSecurityW, GetFileSecurityA, GetEventLogInformation,AbortSystemShutdownA, AccessCheck, AccessCheckAndAuditAlarmA, AccessCheckAndAuditAlarmW, AddAce, AddAuditAccessAce, AdjustTokenGroups, AdjustTokenPrivileges, AllocateAndInitializeSid, BackupEventLogA, BackupEventLogW, CheckTokenMembership, ClearEventLogA, ClearEventLogW, CreatePrivateObjectSecurity, CreateProcessAsUserW, FileEncryptionStatusA, EncryptFileA, DuplicateTokenEx, DecryptFileA, CreateRestrictedToken。

二代USBKey产品调研报告1.二代USBKey介绍二代USBKey(又叫增强型USBKey)在一代USBKey的基础上，增加了液晶屏和按键两项新功能，除了具备一代USBKey的功能外,还能将网银系统传入的要签名的信息根据银行系统自定义的规则，通过液晶屏显示给客户进行交易按键确认，用户所见信息就是要传给网银验签服务器真正进行交易的信息，所见即所签，防止数据在客户端被黑客程序、木马病毒等纂改而导致非法交易。

因此，二代USBKey 较一代USBKey能够真正确保数据在客户端的安全性，使整个交易过程无懈可击。

2.监管要求针对电子银行信息安全管理及风险防范，中国人民银行于2010年1月19日制订并印发了《网上银行系统信息安全通用规范（试行）》（银发【2010】19号），其中6.1.2.1 部分对USB Key产品的技术规范、性能参数及业务运作安全规范提出了明确的要求，同时在分析各金融单位网上银行系统曾经发生过的一些风险案例后提出了增强要求，且明确规定增强要求必须在文件下发之日起三年内达标。

关于二代USBKey具体要求摘录如下：【基本要求】e）应保证私钥在生成、存储和使用等阶段的安全：●USB Key在执行签名等敏感操作前应经过客户身份鉴别。

●USB Key在执行签名等敏感操作时，应具备操作提示功能，包括但不限于声音、指示灯、屏幕等显示形式。

【增强要求】a)USB Key应能够防远程挟持，例如具有屏幕提示、语音提示、按键确认等功能，可以对交易指令完整性进行校验、对交易指令合法性进行鉴别、对关键交易数据进行输入和确认。

b)未经过按键确认，USB Key不能签名和输出，在等待一段时间后，可自动清除数据，并复位状态。

c)USB Key应能够自动识别待签名数据的格式，识别后在屏幕上显示签名数据或对其进行语音提示。

按照人民银行要求，截止2013年1月18日之前，我行必须完成网上银行系统USBKey的升级改造工作，以达到人民银行上述增强要求。

随着电子商务的迅速发展，信息安全已成为焦点问题之一，尤其是网上支付和网络银行对信息安全的要求显得更为突出。

为了能在因特网上开展安全的电子商务活动，公开密钥基础设施（ PKI, Public Key Infrastructure ）逐步在国内外得到广泛应用。

我们是否真的需要 PKI ， PKI 究竟有什么用？下面通过一个案例一步步地来剖析这个问题 : 甲想将一份合同文件通过 Internet 发给远在国外的乙，此合同文件对双方非常重要，不能有丝毫差错，而且此文件绝对不能被其他人得知其内容。

如何才能实现这个合同的安全发送？问题 1: 最自然的想法是，甲必须对文件加密才能保证不被其他人查看其内容，那么 , 到底应该用什么加密技术，才能使合同传送既安全又快速呢 ?可以采用一些成熟的对称加密算法 , 如 DES 、 3DES 、 RC5 等对文件加密。

对称加密采用了对称密码编码技术，它的特点是文件加密和解密使用相同的密钥，即加密密钥也可以用做解密密钥，这种方法在密码学中叫做对称加密算法，问题 2: 如果黑客截获此文件，是否用同一算法就可以解密此文件呢 ?不可以 , 因为加密和解密均需要两个组件 : 加密算法和对称密钥 , 加密算法需要用一个对称密钥来解密 , 黑客并不知道此密钥。

问题 3: 既然黑客不知密钥，那么乙怎样才能安全地得到其密钥呢？用电话通知，若电话被窃听，通过 Internet 发此密钥给乙，可能被黑客截获，怎么办 ?方法是用非对称密钥算法加密对称密钥后进行传送。

与对称加密算法不同，非对称加密算法需要两个密钥：公开密钥（ Public Key ）和私有密钥（ Private Key ）。

公开密钥与私有密钥是一对，如果用公开密钥对数据进行加密，只有用对应的私有密钥才能解密；如果用私有密钥对数据进行加密，只有用对应的公开密钥才能解密。

因为加密和解密使用的是两个不同的密钥，所以这种算法叫做非对称加密算法 ( 公 / 私钥可由专门软件生成 ) 。

文章标题：深度探讨USB Key认证技术的举例介绍在当今信息时代，随着数字化的快速发展，网络安全问题变得愈发突出。

为了提高数据安全性，USB Key认证技术正逐渐成为一种重要的解决方案。

本文将全面评估USB Key认证技术，并通过举例介绍的方式，探讨其深度和广度，帮助读者全面理解这一主题。

对于USB Key认证技术，我们可以从以下几个方面进行全面评估。

USB Key是什么？其原理和实现方式是什么？其安全性如何？接下来，我们将通过举例介绍几种USB Key认证技术，在此过程中不断深入探讨，帮助读者全面理解这一技术。

1. USB Key的定义和原理USB Key，也称为USB安全密钥，是一种基于USB接口的安全验证设备。

其原理是利用USB接口与计算机进行通信，并通过加密算法和安全协议对设备和用户进行身份验证，以确保数据在传输和存储过程中的安全性。

2. USB Key的实现方式USB Key可以通过硬件方式实现，也可以通过软件与硬件相结合的方式实现。

硬件方式通常是将安全芯片与USB接口结合，保护密钥和加密算法不被篡改和泄露。

而软件与硬件相结合的方式则是将USB Key认证技术集成到特定的软件或应用中，实现对用户身份和数据的双重认证。

3. USB Key的安全性USB Key认证技术相较于传统的用户名和密码认证方式具有更高的安全性。

因为USB Key是基于硬件的安全验证设备，不易受到黑客攻击，可以有效防止密码盗窃和网络钓鱼等安全威胁，提高了数据的安全性。

通过以上分析，我们可以清晰地了解USB Key认证技术的基本概念和原理。

接下来，我们将通过举例介绍几种USB Key认证技术，以便读者更加深入地理解这一主题。

4. 举例介绍USB Key认证技术（1）YubiKeyYubiKey是一种便携式USB安全验证设备，它将一次性密码卡（OTP）和通用二次验证（U2F）集成到一个小巧的USB设备中。

用户可以将YubiKey连接至计算机或移动设备，并通过按压按钮或触摸sensor来进行身份验证，从而实现对特定全球信息湾或应用的双重认证。

网银U盾安全漏洞分析网银U盾安全漏洞分析USB Key是一种USB接口的硬件存储设备。

USB Key的模样跟普通的U盘差不多，不同的是它里面存放了单片机或智能卡芯片，USB Key有一定的存储空间，可以存储用户的私钥以及数字证书，利用USB Key内置的公钥算法可以实现对用户身份的认证。

目前USB Key被广泛应用于国内的网上银行领域，是公认的较为安全的身份认证技术。

USB Key在网上银行中，被用作客户数字证书和私有密钥的载体，在网络上鉴别用户身份处于极其关键的地位。

而网上银行首要的关键问题就是安全，安全是所有一切的基础，没有安全的网银还不如没有网银。

一些新闻报道的国内某某银行几十万资金通过网银被盗，都给网上银行带来巨大的负面影响，让人对于USB Key的网上银行认证的安全性产生怀疑和顾虑。

本文将从技术的角度出发，详细论述一下目前中国网上银行使用的USB Key 的安全性以及可能存在的风险和漏洞。

当然，一个网银系统的安全，涉及到的理论知识非常多，不仅仅要懂得大学课程《密码学》的全面知识，还要知道最新加密锁和USB Key的产品动态，进行全面的网银评测并不是那么简单的事情。

本文也仅仅起个抛砖引玉的作用，欢迎各方高手继续补充和讨论。

行业安全专家基本都公认USB Key是安全可靠的，那么USB Key为什么是安全的呢?目前有几个重要的性能指标能够说明USB Key的安全性。

1、硬件PIN码保护黑客需要同时取得用户的USB Key硬件以及用户的PIN码，才可以登录系统。

即使用户的PIN码被泄漏，只要用户持有的USB Key不被盗取，合法用户的身份就不会被仿冒;如果用户的USB Key遗失，拾到者由于不知道用户PIN码，也无法仿冒合法用户的身份。

2、安全的存储介质USB Key的密钥存储于安全的介质之中，外部用户无法直接读取，对密钥文件的读写和修改都必须由USB Key内的程序调用。

从USB Key接口的外面，没有任何一条命令能够对密钥区的内容进行读出、修改、更新和删除。

USB KEY是结合了现代密码学技术、智能卡技术和USB技术的新一代身份认证产品，是一种的秘密数据存储设备，它具有以下特点：1.双因子认证每一个USB Key都具有硬件PIN码保护，PIN码和硬件构成了用户使用USB Key的两个必要因素，即所谓“双因子认证”。

用户只有同时取得了USB Key和用户PIN码，才可以登录网上银行系统。

即使用户的PIN码被泄漏，只要用户持有的USB Key不被盗取，合法用户的身份就不会被仿冒；如果用户的USB Key遗失，拾到者由于不知道用户PIN码，也无法仿冒合法用户的身份。

2.带有安全存储空间USB Key具有8K-64K的安全数据存储空间，可以存储数字证书、用户密钥等秘密数据，对该存储空间的读写操作必须通过程序实现，用户无法直接读取，其中用户私钥是不可导出的，杜绝了复制用户数字证书或身份信息的可能性。

3.硬件实现加密算法USB Key 内置CPU或智能卡芯片，可以实现PKI体系中使用的数据摘要、数据加解密和签名的各种算法，加解密运算在USB Key内进行，保证了用户密钥不会出现在计算机内存中，从而杜绝了用户密钥被黑客截取的可能性。

支持RSA，DES ,SSF33和3DES算法。

4、便于携带，安全可靠如拇指般大的USB Key非常方便随身携带，并且密钥和证书不可导出，Key的硬件不可复制，更显安全可靠。

USB Key身份认证系统的应用方式：1.基于冲击-响应的双因子认证方式当需要在网络上验证用户身份时，先由客户端向服务器发出一个验证请求。

服务器接到此请求后生成一个随机数并通过网络传输给客户端（此为冲击）。

客户端将收到的随机数提供给ePass，由ePass使用该随机数与存储在ePass中的密钥进行MD5-HMAC运算并得到一个结果作为认证证据传给服务器（此为响应）。

与此同时，服务器也使用该随机数与存储在服务器数据库中的该客户密钥进行MD5-HMAC运算，如果服务器的运算结果与客户端传回的响应结果相同，则认为客户端是一个合法用户。

网银新一代液晶按键USBkey安全分析坚石诚信eto-key―网银新一代液晶按键安全分析网上银行由于其方便性，已经成为人们日常生活中经常使用的平台，银行用户可以不出家门，就可以通过互联网完成支付、转帐、交费等众多业务，省去了银行排队，携带大量现金等即费时繁琐，又不安全的原始业务形式。

随着网银业务的广为普及，网银的安全性也就是大家非常高度关注的一个问题。

直观的用户名/密码方式已经被抛开出局，取而代之的就是十分安全的pki数字证书证书体系，该体系主要通过数字证书中的rsa非对称密钥顺利完成数据传输的安全性，确保了数据传输中的完整性，保密性和不容撒谎性。

很多专业文章了解了pki数字证书的安全性所在，这里不搞过多的了解。

在pki体系中，rsa私钥代表一个人的身份，那么如何保护私钥的安全是保证pki体系安全的关键所在，目前网银中使用的usbkey就能够很好的解决这个问题。

usbkey是一个usb设备，内部主要是一个智能卡硬件，智能卡本身可以保证在硬件内部产生rsa公私钥对，私钥不可导出或者复制，任何关于私钥的运算全部在智能卡内完成。

这种usbkey的主要代表，如坚石诚信科技公司推出的et199auto，有如下特点：?硬件上的安全性坚石诚信et199auto做为数字证书的安全载体，敏感数据都被安全地保存在et199auto的安全存储区域中，未许可用户就是无法碰触至这些信息的。

数据的亲笔签名和加密操作方式全部在et199auto内部顺利完成，私钥从分解成的时刻起至就一直留存其中，可以有效率的杜绝黑客程序的反击。

et199auto的安全性还是其采用的加密算法都就是被广为官方，业界普遍认为的，抵挡了多年考验的标准算法。

同时，一流的芯片PCB工艺也确保了芯片内数据的安全性。

?硬件上的兼容性坚石诚信et199auto采用无驱无软设计，使用高速usb通讯协议，在windows系统中不需安装驱动，即插即用。

另外，usbkey插入计算机后自动安装所需软件，方便易用，大大节省了维护成本。

中国网银安全分析：USB Key前文已经提到一种身份认证产品名叫“动态密码锁”，今天我们将介绍另外一种广泛应用的身份认证产品：USB Key。

和单钥的动态密码锁不同的是，USB Key采用双钥（公钥）加密的认证模式，USB Key 是一种USB接口的硬件设备，外形如下图所示。

它内置单片机或智能卡芯片，有一定的存储空间，可以存储用户的私钥以及数字证书，利用USB Key内置的公钥算法实现对用户身份的认证。

由于用户私钥保存在密码锁中，理论上使用任何方式都无法读取，因此保证了用户认证的安全性。

USB Key产品最早是由加密锁厂商提出来的，原先的USB加密锁主要用于防止软件破解和复制，保护软件不被盗版，而USB Key的目的不同，USB Key主要用于网络认证，锁内主要保存数字证书和用户私钥。

USB Key的硬件和PIN码构成了可以使用证书的两个必要因素。

如果用户PIN码被泄漏，只要USB Key本身不被盗用即安全。

黑客如果想要通过破解加密狗的方法破解USB Key，那么需要先偷到用户USB Key的物理硬件，没有哪个用户会愚蠢到将自己的Key拱手奉献给黑客。

USB Key的一个最重要的优点就是成本低廉。

一些单片机芯片USB Key的成本可以低于10元，很利于大规模普及应用，不过单片机芯片USB Key虽然成本低廉，但是芯片容易被黑客硬件复制。

而智能卡芯片的USB Key就不容易被硬件复制，不过带来的是较高的成本，一般智能卡芯片的USB Key的价格都要高于30元。

USB Key目前在网上银行应用十分广泛，大家看到一些银行的U盾、优KEY等都是这种产品，不过奇怪的是，这些产品的收费似乎要高于其实际价格。

USB Key的使用方法是，当登录网银系统的时候，在电脑上插入USB Key，然后输入PI N码，如果验证通过，则可以进行相关交易。

这种加密方式使用了双钥加密，私钥安全地保存在Key中，在网络应用的环境下，可以更安全，弥补了动态密码锁单钥加密的一些缺陷。