如何制作文件防篡改? [英] How to make a file tamper proof?

问题描述

我有一个(计划中的)商业程序正在写出使用日志.作为其许可证的一部分，用户将需要每隔几周将日志提交回公司.如何确保文件未被篡改?

I have a (planned) commercial program that is writing out a usage log. As part of their license, users will be required to submit the log back to the company every few weeks. How can I ensure the file has not been tampered with?

系统正在用 C# 和 Winforms 或 WPF 编写.

System is being written in C# and Winforms or WPF.

更新:嗯……很惊讶如何制作文件防篡改?被认为是什么技术可以保护文件的完全重复"来自完全信任的用户的秘密?无论如何，部落已经说过了.

Update: Hmmm... quite surprised that How to make a file tamper proof? is considered an "exact duplicate" of What technique can protect a secret from a fully trusted user? Anyway, the tribe has spoken.

推荐答案

正如 Ken 提到的，这与 DRM 系统存在的问题相同.他们使用多种技术将密钥存储在用户(很容易)无法找到的地方.您会将数字签名方案与用于存储密钥的过于复杂的方案相结合.将其分成多个部分，分散在用户系统中——一些部分在注册表中，一些在文件系统上的文件中，一些在各种看似无辜的文件的修改日期和文件名中编码.此外，故意让代码的 DRM 子系统变得模糊不清，并且难以调试.

As Ken mentioned, this is the same problem that DRM systems have. They use a variety of techniques to store keys where users won't (easily) be able to find them. You'd be combining a digital signature scheme with an overly-complex scheme for storing the key. Split it into multiple pieces, scattered over the user's system - some parts in the registry, some in files on the filesystem, some encoded in the modification dates and filenames of various innocent-looking files. Also, make the DRM subsystem of your code intentionally obscure, and difficult to debug.

另一种选择是定期将签名数据发送到某个远程系统(如果您可以依靠互联网连接).

Another alternative would be to send signature data to some remote system periodically (if you can depend on having an internet connection).

这篇关于如何制作文件防篡改?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！