WO2000077596A1 - Tamper resistant software encoding - Google Patents
- Publication number: WO2000077596A1 (PCT/CA2000/000677)
- Authority: WIPO (PCT)
- Prior art keywords: program, des, box, boxes, software
Classifications
- G—PHYSICS; G06—COMPUTING; CALCULATING OR COUNTING; G06F—ELECTRIC DIGITAL DATA PROCESSING
  - G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
  - G06F21/10—Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
  - G06F21/12—Protecting executable software
  - G06F21/14—Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
- G—PHYSICS; G06—COMPUTING; CALCULATING OR COUNTING; G06F—ELECTRIC DIGITAL DATA PROCESSING
  - G06F8/00—Arrangements for software engineering
  - G06F8/30—Creation or generation of source code
- H—ELECTRICITY; H04—ELECTRIC COMMUNICATION TECHNIQUE; H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  - H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  - H04L9/002—Countermeasures against attacks on cryptographic mechanisms
  - H04L9/004—Countermeasures against attacks on cryptographic mechanisms for fault attacks
- H—ELECTRICITY; H04—ELECTRIC COMMUNICATION TECHNIQUE; H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  - H04L9/00—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
  - H04L9/06—Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols the encryption apparatus using shift registers or memories for block-wise or stream coding, e.g. DES systems or RC4; Hash functions; Pseudorandom sequence generators
  - H04L9/0618—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation
  - H04L9/0625—Block ciphers, i.e. encrypting groups of characters of a plain text message using fixed encryption transformation with splitting of the data block into left and right halves, e.g. Feistel based algorithms, DES, FEAL, IDEA or KASUMI
- G—PHYSICS; G06—COMPUTING; CALCULATING OR COUNTING; G06F—ELECTRIC DIGITAL DATA PROCESSING
  - G06F2211/00—Indexing scheme relating to details of data-processing equipment not covered by groups G06F3/00 - G06F13/00
  - G06F2211/007—Encryption, En-/decode, En-/decipher, En-/decypher, Scramble, (De-)compress
- H—ELECTRICITY; H04—ELECTRIC COMMUNICATION TECHNIQUE; H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  - H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
  - H04L2209/08—Randomization, e.g. dummy operations or using noise
- H—ELECTRICITY; H04—ELECTRIC COMMUNICATION TECHNIQUE; H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
  - H04L2209/00—Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
  - H04L2209/16—Obfuscation or hiding, e.g. involving white box
Definitions
- the present invention relates generally to computer software and electronic hardware, and more specifically, to a method, apparatus and system resistant to tampering and reverse engineering, including a particular implementation for the Digital Encryption Standard (DES).
- DES Digital Encryption Standard
- Intercepting data packets while in transit through the Internet. This may be done, for example, by the Internet Service Provider (ISP) for the end user, or by another party on the end user's local network. Theoretically, this may also be done by any attacker who is able to monitor a node on the Internet which routes the data packets, as the Internet is not a secure network.
- ISP Internet Service Provider
- the attacker will have immediate access to what he requires. There are methods of hiding the cryptographic keys and data files, but typically, the attacker need only observe the execution of the decryption algorithm with the target files, to obtain the original cryptographic key and data file.
- Tampering refers to changing computer software in a manner that is against the wishes of the original author. If for example, a cryptographic key is encrypted into a password file with which the user accesses a certain server, one would not want an attacker to obtain the file and modify it to: identify the cryptographic key, obtain access to the server himself, or modify privileges that the file may identify. However, because the attacker has complete access to the software code he has intercepted, there is no way of stopping the attacker from observing its execution and making arbitrary changes.
- biometric information may be used for identification purposes, but it is undesirable to use biometric information because it cannot be replaced once it is compromised.
- biometric identifiers such as two sets of fingerprints, one voice and two retinas. Therefore, the use of biometric data is only practical if it can be implemented in a manner that eliminates risk of compromise due to dissemination of such non-replaceable data.
- a "dongle", for example, is a special piece of plug-in hardware which implements part of the algorithm to be protected. Hence, the software program being protected will not work correctly unless the dongle is physically plugged in. Obviously, this is a high-cost approach and does not work on a standard computer platform. Indeed, it requires the platform to be changed to include the dongle whenever the protected program is to be run.
- Smart cards: due to their structural limitations, smart cards have been far more vulnerable to penetration of their secrets than was hoped, with news media describing incidents of smart card penetration on a regular basis. As well, smart card methods require an investment in card reading hardware and the cards themselves, which can be expensive to implement broadly.
- Control flow which is the subject of Collberg et al., is a description of how control is transferred from one location in the software code to another during execution, and the tests that are performed to determine those transfers.
- data flow is a description of the variables together with the operations performed on them.
- Collberg et al. obscure the decision processes in the program, that is, they obscure those computations on which binary or multiway conditional branches determine their branch targets.
- The approach of Collberg et al. is based on the premise that obfuscation cannot offer a complete solution to tamper protection. Collberg et al. state that: "... code obfuscation can never completely protect an application from malicious reverse-engineering efforts. Given enough time and determination, Bob will always be able to dissect Alice's application to retrieve its important algorithms and data structures."
- the level of obfuscation obtained using the above techniques is plainly quite weak, since the executed code, control flow and data flow, analysed in graph form, are either isomorphic to, or nearly isomorphic to, the unprotected code. That is, although the details of the obfuscated code are different from the original code, the general organisation and structure have not changed.
- One aspect of the invention is broadly defined as a method of increasing the obscurity and tamper-resistance of a software program, comprising the steps of: randomly generating substantive yet redundant arguments; and inserting those arguments into the data flow of the software program.
- Another aspect of the invention is defined as an apparatus for increasing the obscurity and tamper-resistance of computer software code comprising: randomly generating substantive yet redundant arguments; and inserting those arguments into the data flow of the software program.
- a further aspect of the invention is defined as a computer readable memory medium, storing computer software code executable to perform the steps of: randomly generating substantive yet redundant arguments; and inserting those arguments into the data flow of the software program.
- An additional aspect of the invention is defined as a computer data signal embodied in a carrier wave, the computer data signal comprising a set of machine executable code being executable by a computer to perform the steps of: randomly generating substantive yet redundant arguments; and inserting those arguments into the data flow of the software program.
- Figure 1 presents a flow chart of a general algorithm for implementation of the invention
- Figure 2 presents an exemplary computer system in which the invention may be embodied
- Figure 3 presents a data flow diagram of the outer structure of the DES standard
- Figure 4 presents a data flow diagram of a single round of the DES standard
- Figure 5 presents a flow chart of the overall algorithm in a preferred embodiment of the invention
- Figure 6 presents a flow chart of the unrolling routine in a preferred embodiment of the invention
- Figure 7 presents a data flow diagram of the initial connections of one T-box operation, in an embodiment of the invention
- Figure 8 presents a data flow diagram of T-box connections after partial evaluation in an embodiment of the invention
- Figure 9 presents a flow chart of a longitudinal diffusion routine in a preferred embodiment of the invention
- Figure 10 presents a flow chart of a lateral diffusion routine in a preferred embodiment of the invention.
- Figure 11 presents a flow chart of network obscuring in a preferred embodiment of the invention.
- A method which addresses the objects outlined above is presented as a flow chart in Figure 1. This figure presents a method of increasing the obscurity and tamper-resistance of a software program by: 1. randomly generating substantive yet redundant arguments at step 10; and
- Data flow is a description of the variables together with the operations performed on them.
- Control flow is a description of how control jumps from place to place in the program during execution, and the tests that are performed to determine those jumps.
- the method of the invention in broad terms, is to add new redundant arguments into the data flow of the program.
- the simplest example of a pair of redundant arguments is: a first argument which increments the value of a variable in one operation, immediately followed by a second operation which decrements the value of the same variable.
- Such a pair of operations is redundant in that they do not affect the outcome of the software code. This example is for illustrative purposes only; much more complex examples are described hereinafter.
- a cryptographic key can be incorporated into a software program, without the danger of the cryptographic key being disclosed, or the program being altered to do anything other than what it was originally intended to do.
- passwords, biometric data and other secure programs and data files can also be securely stored, transferred and executed using the method of the invention.
- cryptographic keys are often used to encrypt data files to prevent unwanted parties from reading or using the data files.
- the cryptographic keys must also be transmitted between the communicating parties, and are generally stored at both locations, leaving many opportunities for discovery by unwanted attackers.
- the cryptographic key is made secure by obscuring the data flow of the program. Tamper-resistance, in the sense of creating software which changes behaviour drastically in response to small changes, was thought in the art to be irrelevant to secret-hiding, such as hiding a cryptographic key. Actually, it is quite relevant as it makes perturbation-based analysis (analysis by examination of responses to small changes) much more difficult. In the application of the invention to encryption using a cryptographic key, it is possible for an attacker to observe the execution and not obtain any useful information. At no time during the execution does the actual key data appear.
- the new arguments are based on multiple inputs and outputs, preferably three or more. This makes the arguments of the software program intimately interconnected with one another, so it is not possible to alter one entry without altering many outputs. This provides even greater tamper resistance and protection against perturbation analysis.
- This method is unaffected by a data flow analysis attack, because all of the software code, including the added redundant code, is actually executed. As well, the method of the invention is not vulnerable to black-box or debugging attacks.
- the invention is far superior to anything generally available in a commercial obfuscator.
- Obfuscation may be simply defined as making the organisation of the software code more confusing and hence, more difficult to modify.
- Obfuscation is inherently provided by the invention, but the invention goes much further by providing a tamper-resistant solution.
- obfuscation merely makes software code more confusing to analyse, while tamper-resistance makes software code resistant to small changes, in the sense that any small code change produces a massive, unpredictable behavioural change.
- tamper-resistance requires a great deal of analysis to overcome.
- the degree of complexity of tamper-resistance is easily scalable, so that the degree of analysis required to overcome it can be made impractically great.
- the method of the invention does not require any disguises or personal passwords to be remembered or stored, so there is no dependence on human memory or other human limitations.
- This computer system 14 includes a display 16, keyboard 18, computer 20 and external devices 22.
- the computer 20 may contain one or more processors or microprocessors, such as a central processing unit (CPU) 24.
- the CPU 24 performs arithmetic calculations and control functions to execute software stored in an internal memory 26, preferably random access memory (RAM) and/or read only memory (ROM), and possibly additional memory 28.
- the additional memory 28 may include, for example, mass memory storage, hard disk drives, floppy disk drives, magnetic tape drives, compact disk drives, program cartridges and cartridge interfaces such as those found in video game devices, removable memory chips such as EPROM or PROM, or similar storage media as known in the art.
- This additional memory 28 may be physically internal to the computer 20, or external as shown in Figure 2.
- the computer system 14 may also include other similar means for allowing computer programs or other instructions to be loaded.
- Such means can include, for example, a communications interface 30 which allows software and data to be transferred between the computer system 14 and external systems.
- communications interface 30 can include a modem, a network interface such as an Ethernet card, a serial or parallel communications port.
- Software and data transferred via communications interface 30 are in the form of signals which can be electronic, electromagnetic, optical or other signals capable of being received by communications interface 30.
- I/O interface 32 administers control of the display 16, keyboard 18, external devices 22 and other such components of the computer system 14.
- the invention is described in these terms for convenience purposes only. It would be clear to one skilled in the art that the invention may be applied to other computer or control systems 14. Such systems would include all manner of appliances having computer or processor control including telephones, cellular telephones, televisions, television set top units, point of sale computers, automatic banking machines, lap top computers, servers, personal digital assistants and automobiles.
- Targeting: The approach taken is specifically directed to the operations to be performed and the data to be manipulated.
- the techniques used are specially suited to the data and operations employed in DES. It would be clear to one skilled in the art how to tailor the techniques disclosed herein, to other software programs.
- Fusion: Encoded software handles the data in such a way that multiple components are manipulated together, so that separating out individual original (i.e., pre-encoding) data operations is difficult, and tampering with one entity in effect modifies the behaviour of more than one entity.
- Diffusion: Encoded data and computation distribute information among multiple sites, so that no site alone is sufficient for understanding, ambiguity is increased, and tampering at individual sites is made less effective.
- Fake robustness: Presumably, true robustness would preserve the same computation even after some forms of tampering.
- the invention 'fakes' such robustness by avoiding failure responses to data in the presence of tampering. Instead, computation proceeds with apparent normalcy, but along nonsensical lines. This is strongly allied to the principle of anti-holographic behaviour.
- Anti-holographic behaviour: Tampering with a small part of a hologram causes a slight reduction in resolution.
- the method of the invention induces the opposite behaviour, where the effect of any small change is to produce large, wide-spread, cascading changes in behaviour.
- Partial evaluation: Part of the process of hiding constant input data is to partially evaluate the application with respect to that data. In the case of DES key-hiding, for example, the cryptographic key is constant and is eliminated by partial evaluation. This principle is allied to the principle of diffusion, where the components of the cryptographic key are then distributed to multiple locations.
- DES is a block cipher, where a piece of software to be encoded is broken down into sixty-four-bit blocks which are operated upon separately.
- DES inputs a sixty-four-bit block to be encrypted or decrypted and a sixty-four-bit raw key and outputs a sixty-four-bit result. Only fifty-six bits of the raw key are actually used: the low-order bit of each raw key 8-bit byte is discarded, or can be used for parity.
- FIG. 3 presents a data flow diagram of the outer structure of DES. This presentation is intended to emphasize the three basic kinds of operations making up DES, as described above. Italicized numbers adjacent to the arrows indicate the bit-widths of the indicated values.
- the outer box 34 represents the entire DES algorithm, whether encryption or decryption.
- the inner structure of DES comprises sixteen rounds of processing 36, which are identical except for one minor variation in the final round and the variations in one of the internal QPM operations, namely, the key shift, QPMe, which is explained hereinafter.
- the initial permutation, QPMa at step 38, and the final permutation, QPMc at step 40 are true permutations, that is, there are no omissions and no duplicated bits. Note that QPMc at step 40 is the inverse of QPMa at step 38.
- the key transformation, QPMb at step 42, selects fifty-six of sixty-four bits from the raw key, and rearranges the bits.
- Figure 4 presents a data flow diagram of the internal structure of one of the sixteen DES rounds at step 36.
- Left In and Right In are the left and right halves of the data being encrypted or decrypted as it enters the round, and Left Out and Right Out are these halves after the processing has been performed by the rounds.
- Key In is the fifty-six-bit key as it enters the round, and Key Out is the fifty-six-bit key as it leaves the round.
- the expansion permutation, QPMd at step 46 repeats certain bits
- the compression permutation, QPMf at step 48 which produces the round sub-key as its output, omits certain bits.
- the key shift, QPMe at step 44 consists of rotations of the left and right halves of the fifty-six-bit key by an identical amount, in a direction and with a number of shift positions determined by the round number and by whether encryption or decryption is being performed.
- LKP h 1 - h 8 at step 50 (performing S-box substitution) are the eight S-box lookup tables performed in the round.
- the indices for the LKP operations h 1 - h 8 at step 50 are each, in effect, preceded by yet another QPM operation, which permutes the six input bits so that the low-order or right-most bit becomes the bit second from the left in the effective index, but this QPM can be eliminated to match what has been shown above by re-ordering the elements of the S-box tables.
- the P-box permutation, QPMi at step 52 permutes the results of LKP h 1 - h 8 at step 50, presumably to accelerate diffusion of information across all bits.
- the XORg operation at step 54 is a simple Boolean exclusive OR on the outputs of the QPMd at step 46 and the output from the QPMf at step 48.
- the XORj operation at step 56 is a simple Boolean exclusive OR on the outputs of the Left In and the output from QPMi at step 52.
- Lateral diffusion is the splitting of data flow into separate streams and diffusing data laterally between the separate streams, while longitudinal diffusion is the addition of
- the unrolling of the sixteen DES rounds at step 66 can be effected by duplicating the round network fifteen times and connecting the sixteen blocks of software code end-to-end. Then, the eight S-boxes can be copied fifteen times, so that there are separate copies of the original eight S-boxes for each round. Since there are sixteen rounds, this means that after copying, there are 128 S-boxes.
- the lookup tables or S-boxes of the DES can be simplified to avoid multiple-output operations, and to facilitate optimization and other changes. This is done by converting the 4-output S-boxes to 1-output T-boxes, where there is one T-box for each output of an S-box (including each output of an S-box which is a copy of an original S-box). "T" stands for "tiny", since only one bit is emitted per T-box.
- the eight S-box lookup tables, LKP h 1 - h 8 at step 50 can be replaced with thirty-two T-box lookup tables, LKP k 1 - k 32. If the bits of the S-box elements are regarded as columns in a Boolean or bit matrix, then each T-box is one column of the corresponding S-box.
- LKP k 1 - k 4 represent LKP h 1, with each output representing one bit of the original h 1 output; LKP k 5 - k 8 represent LKP h 2, and so on.
- the T-box lookup tables in different rounds are independent of one another because a separate set of S-boxes were created for each round, therefore, the tables in one round can be modified without affecting the others.
- the initial connections surrounding one T-box operation, LKP k i appear as shown in Figure 7.
- Forty-eight bit round keys are constant in each round as they are entirely determined by the round number and the original cryptographic key. Therefore, at step 70 the forty-eight bit XOR block at the beginning of the round, shown as "XOR g" at step 54 of Figure 4, can be eliminated.
- Boolean NOT operation (if it is true). Therefore, in each round, replace the initial block of forty-eight bit-wise XORs by forty-eight unary operations, where each unary operation is an identity operation (that is, it returns the input unchanged) if the corresponding forty-eight-bit key bit was 0, and is a NOT operation (that is, it returns the input's complement) if the corresponding forty-eight-bit key bit was 1.
- This step incorporates the secret cryptographic key into the software code.
- the operation count is then further reduced and the structure of the DES implementation simplified at step 72 by eliminating the remaining bitwise XOR blocks, shown as "XOR j" in Figure 4. This is done by folding the XOR shown as XOR n in Figure 7 together with the LKP shown as LKP k i above.
- each round replace the block of thirty-two T-boxes performing the "QPM i" operation of Figure 4 and the block of thirty-two XORs performing the "XOR j" operation of Figure 4 with thirty-two new T-boxes performing both of those operations. That means each new T-box created by this step has one extra input; that is, instead of six inputs, it has seven.
- the table is adjusted so the combined function of "QPM i" and "XOR j" is correctly computed. In other words:
- XOR n is eliminated, by taking the elements of LKP k i 's table, making a copy but with every element inverted, and concatenating that to the end of the original table.
- the new LKP (LKP k ' i , say) now includes the effect of XOR n, thereby increasing the degree of fusion in this implementation, and yielding a version of DES consisting of 512 seven-input T-box lookup operations, connected together.
- Information from the cryptographic key and the manipulations of the cryptographic key has now been diffused into the T-box LKP operations, beginning to satisfy the principle of diffusion of computations and data. That is, the cryptographic key does not explicitly appear in the software code.
- the optional step of injecting identity T-boxes into the data flow may be performed at step 74. Note the connectivity of the look-up tables after partial evaluation, shown in Figure 8: six of a T-box's inputs are from T-boxes farther from the source values than the other; that is, six are from a more recent round and one from an earlier round.
- the simple connection labelled from left data in Figure 8 can be replaced with a new T-box (the "injected" T-box), which inputs this value and also includes a random set of six other inputs, chosen to make the connectivity of the injected T-box look similar to that of existing T-boxes, that is, injection makes the left and right side connectivity look similar. These six other inputs may be ignored (that is, they act as "don't care" inputs).
- T-boxes will be referred to herein as "identity T-boxes”.
- identity T-boxes are easy to identify as data flow analysis of the T-box table for an identity T-box reveals that only one of the inputs is significant.
- a cryptographic identity comprises a T-box sub graph which computes an identity by first encrypting and then decrypting the data, using some key not related to the DES key that is being hidden.
- Examples of cryptographic identities would be: n-round DES encryption with some randomly chosen key K r , followed by n-round DES decryption using K r , where n would typically be some even number less than sixteen.
- any DES variant or indeed any sufficiently DES-like cipher whatever, can also be used, to further complicate the problem of identifying the S-boxes given the T-boxes.
- if the cryptographic identities are DES-based, one would typically omit the initial and final permutations from the identities. (See Schneier et al., pp. 294-300, for examples of DES variants.) Techniques for generating the various randomly chosen keys are well known in the art.
- these identities are inserted into the DES implementation, either at the beginning, the end, or in the middle, between any pair of unrolled rounds.
- since the pads are identities, they have no effect on the output of the software code. At this point, they do not sound like a sensible addition, as complementary pairings of sixty-four Boolean equations would stand out during tracing of the software. However, after further techniques have been applied, they no longer have the appearance of identities.
- Lateral diffusion is then performed, as presented in Figure 10.
- Lateral diffusion may be described as splitting the data flow of the program into separate streams and then diffusing data laterally between the separate streams.
- A simple implementation which employs a two-input Boolean function will first be described; improvements which result in a much stronger implementation are described afterwards:
- 1. Choose an existing T-box, which will be referred to as "original", and generate two new T-boxes, which will be referred to as "left" and "right". The original T-box must not be a final output T-box.
- 2. (Step 82) Choose a Boolean function with two inputs and one output. There are sixteen of these, but one should not use a Boolean function for which some input is a "don't care". Six functions must therefore be rejected, specifically those which output constant true, constant false, the left input, the right input, NOT the left input, and NOT the right input. The remaining ten Boolean functions are substantive and usable, and one of them can be chosen at random for any given pair of left, right lookup tables. The function chosen for a particular left, right pair of tables will be identified as "func".
- 3. (Step 86) Generate the two new tables at random, subject to the constraint that for every index i, func(left[i], right[i]) equals original[i], and insert them into the data flow of the software code so that the old index to the original table now indexes both of the new tables. Similarly, insert the chosen Boolean function into the data flow of the program following the two new tables, so that the outputs of the two tables are directed to the Boolean function, whose output takes the place of the original table's output.
- This process effectively converts seven-input T-boxes into eight-input T-boxes, randomly diffusing the information from the original T-box between the left and right T-boxes, and adding random, redundant information.
- By working this transformation backwards from the output T-box LKP operations to the beginning of the DES implementation graph, one can arrange that, in general, all T-box LKP operations other than those producing the final outputs and the initial ones (whose inputs do not come from other T-box LKP operations) have more than seven inputs.
- This transformation is quite simple and contributes greatly to obscurity, by diffusing information among T-box LKP operations and thereby making their contents randomly perturbed relative to their original contents. Moreover, it tends to make the injected pad identities not quite identities any more.
- The above approach, with or without the recommended refinement, easily extends from producing left, right pairs of T-box LKP operations to producing triplets (left, middle, right), or even quadruplets or larger groups.
- The number of inputs of non-initial T-box LKP operations can then be increased further, either by producing more pairs, or by producing triplets or quadruplets instead of pairs, or by some combination of these approaches.
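The lateral diffusion steps above, worked through as an added example in Python (this is not code from the patent). It assumes the usual T-box representation of a table with one entry per input vector, indexed by packing input bit k at weight 2^k; the 7-input table it diffuses is a constructed random sample, not a DES-derived T-box. The six rejected two-input functions are detected programmatically rather than listed, and the left and right tables are filled at random subject to the recombination constraint, so the example also checks the claim that exactly ten functions remain usable.

```python
"""Lateral diffusion of one T-box into a left/right pair (added example, not patent code)."""
import itertools
import random
from typing import List, Sequence, Tuple

Table = List[int]                       # 2**n entries of 0/1, index packs input bit k at weight 2**k
TruthTable = Tuple[int, int, int, int]  # (f(0,0), f(0,1), f(1,0), f(1,1)), left input first


def tbox_index(inputs: Sequence[int]) -> int:
    """Compress the input bits into a table index (what the LKP utility routine does)."""
    return sum(bit << k for k, bit in enumerate(inputs))


def has_dont_care(tt: TruthTable) -> bool:
    """True if some input never influences the output: the two constants,
    the two projections and the two negated projections."""
    f00, f01, f10, f11 = tt
    right_ignored = f00 == f01 and f10 == f11
    left_ignored = f00 == f10 and f01 == f11
    return right_ignored or left_ignored


def substantive_functions() -> List[TruthTable]:
    """The ten two-input Boolean functions that depend on both inputs."""
    return [tt for tt in itertools.product((0, 1), repeat=4) if not has_dont_care(tt)]


def apply_func(tt: TruthTable, left_bit: int, right_bit: int) -> int:
    return tt[left_bit * 2 + right_bit]


def diffuse(original: Table, rng: random.Random) -> Tuple[TruthTable, Table, Table]:
    """Split `original` into (func, left, right) with func(left[i], right[i]) == original[i].

    Each (left[i], right[i]) pair is drawn at random from the pairs that func maps to
    the required output bit, so each new table carries random, redundant information.
    """
    func = rng.choice(substantive_functions())
    left, right = [], []
    for out in original:
        # a substantive function is non-constant, so both output values are reachable
        candidates = [(lb, rb) for lb in (0, 1) for rb in (0, 1) if apply_func(func, lb, rb) == out]
        lb, rb = rng.choice(candidates)
        left.append(lb)
        right.append(rb)
    return func, left, right


def evaluate_pair(func: TruthTable, left: Table, right: Table, inputs: Sequence[int]) -> int:
    """The old index now indexes both new tables; func recombines their outputs."""
    i = tbox_index(inputs)
    return apply_func(func, left[i], right[i])


def check_diffusion(n_inputs: int = 7, seed: int = 1) -> Tuple[TruthTable, Table, Table, Table]:
    """Build a constructed random n-input T-box, diffuse it, and verify every input vector."""
    rng = random.Random(seed)
    original = [rng.randint(0, 1) for _ in range(1 << n_inputs)]   # constructed sample table
    func, left, right = diffuse(original, rng)
    for bits in itertools.product((0, 1), repeat=n_inputs):
        assert evaluate_pair(func, left, right, bits) == original[tbox_index(bits)]
    return func, left, right, original


if __name__ == "__main__":
    func, left, right, original = check_diffusion()
    print("func truth table:", func)
    print("left differs from original in", sum(a != b for a, b in zip(left, original)), "of 128 entries")
```

Note that an attacker who can see func, left and right together can of course recombine them; the protection the patent relies on comes from the later steps (folding func into the consumers and encoding the input vectors), which this example does not perform.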
- Next, the network of T-boxes is obscured by encoding the input vectors of the non-initial T-boxes, referred to as step 62 in Figure 5.
- The T-box operations have 7- or 8-bit input vectors (or, optionally, larger ones).
- The encoding consists of flipping randomly chosen bits and permuting the positions of the vector elements, as shown in the flow chart of Figure 11:
- The flipping part of the encoding is performed at step 88. Inputs are selected for inversion at random. This is done only where the sources of these inputs are internal to the implementation; that is, no bits of the input data are flipped. When an input bit is flipped, the table of the T-box that produces it is complemented, so that the source T-box now delivers the NOT of its previous output. Inputs to T-boxes may come from shared sources. As a result, when two T-boxes disagree on the encoding of inputs coming from the same other T-box, that source T-box is no longer fully sharable (since its output must be delivered to one client flipped and to another unflipped) and must be duplicated. This stage therefore increases the number of T-box LKP operations in the implementation.
- The second part of the encoding, at step 90, is to randomly permute the inputs of each T-box LKP operation.
- The elements of each T-box LKP table are then reordered to allow for the new arrangement (and inversion) of the inputs, so that the encoded T-box computes the same function of the original, unencoded values.
- These modifications to the T-box LKP tables intermingle elements which previously were widely separated, increasing the degree of fusion. They also increase the obscurity, as does the presence of multiple T-boxes derived from one T-box and containing different tables.
- The previously described pad rounds injected into the software code have now very definitely ceased to be identities.
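Steps 88 and 90 (flip, then permute, then reorder the table) applied to one T-box of a small network, as an added example in Python (not code from the patent). The four-box network, its Boolean functions and the naming scheme for data inputs ("x0", "x1", ...) are constructed for illustration; the index convention (input bit k at weight 2^k) is an assumption. The example also shows the sharing problem the text describes: box "a" feeds both "c" and "out", so flipping it for "c" forces a complemented private copy.

```python
"""Encoding a T-box's input vector by bit flipping and position permutation (added example)."""
import itertools
import random
from dataclasses import dataclass
from typing import Callable, Dict, List, Optional


@dataclass
class TBox:
    inputs: List[str]   # names of source T-boxes, or external data bits "x0", "x1", ...
    table: List[int]    # 2**len(inputs) entries; index packs input bit k at weight 2**k


Network = Dict[str, TBox]


def table_from(fn: Callable[..., int], n: int) -> List[int]:
    """Tabulate an n-input Boolean function in T-box index order."""
    return [fn(*[(i >> k) & 1 for k in range(n)]) for i in range(1 << n)]


def evaluate(net: Network, name: str, data: Dict[str, int], cache: Optional[Dict[str, int]] = None) -> int:
    """Evaluate T-box `name` (or return an external data bit) on the given data bits."""
    cache = {} if cache is None else cache
    if name in data:
        return data[name]
    if name not in cache:
        box = net[name]
        bits = [evaluate(net, src, data, cache) for src in box.inputs]
        cache[name] = box.table[sum(b << k for k, b in enumerate(bits))]
    return cache[name]


def encode_inputs(net: Network, consumer: str, flips: List[int], perm: List[int]) -> Network:
    """Return a copy of `net` in which `consumer` reads input k complemented if flips[k] == 1
    (step 88) and at position perm[k] instead of k (step 90), with its table reordered to match.

    Flipping complements the source T-box's table. A source that another client still wants
    unflipped is duplicated for this consumer, so the number of T-boxes can grow."""
    net = {n: TBox(list(b.inputs), list(b.table)) for n, b in net.items()}
    box = net[consumer]
    n = len(box.inputs)
    for k, src in enumerate(box.inputs):
        if not flips[k]:
            continue
        if src not in net:
            raise ValueError(f"{src} is a data input; only internal sources may be flipped")
        inverted = [1 - v for v in net[src].table]
        others = [c for c, b in net.items() if c != consumer and src in b.inputs]
        if others:
            private = f"{src}_inv_for_{consumer}"
            net[private] = TBox(list(net[src].inputs), inverted)
            box.inputs[k] = private
        else:
            net[src].table = inverted
    # Reorder the table: the entry at encoded index j is the entry at the decoded original index i.
    new_table = [0] * (1 << n)
    for j in range(1 << n):
        i = 0
        for k in range(n):
            encoded_bit = (j >> perm[k]) & 1
            i |= (encoded_bit ^ flips[k]) << k
        new_table[j] = box.table[i]
    new_inputs = [""] * n
    for k, src in enumerate(box.inputs):
        new_inputs[perm[k]] = src
    box.inputs, box.table = new_inputs, new_table
    return net


def random_encoding(net: Network, consumer: str, rng: random.Random) -> Network:
    """Choose flips (internal sources only) and a permutation at random, then encode."""
    box = net[consumer]
    flips = [rng.randint(0, 1) if src in net else 0 for src in box.inputs]
    perm = list(range(len(box.inputs)))
    rng.shuffle(perm)
    return encode_inputs(net, consumer, flips, perm)


def sample_network() -> Network:
    """Constructed four-bit toy network; 'a' is shared by 'c' and 'out'."""
    return {
        "a": TBox(["x0", "x1"], table_from(lambda p, q: p & q, 2)),
        "b": TBox(["x1", "x2", "x3"], table_from(lambda p, q, r: p ^ q ^ r, 3)),
        "c": TBox(["a", "b", "x0"], table_from(lambda p, q, r: (p & q) | (q & r) | (p & r), 3)),
        "out": TBox(["a", "c"], table_from(lambda p, q: p ^ q, 2)),
    }


def outputs_agree(net1: Network, net2: Network, output: str = "out", n_data: int = 4) -> bool:
    """True if both networks compute the same output bit on every data vector."""
    for bits in itertools.product((0, 1), repeat=n_data):
        data = {f"x{k}": b for k, b in enumerate(bits)}
        if evaluate(net1, output, data) != evaluate(net2, output, data):
            return False
    return True


def random_encoding_agrees(seed: int = 7) -> bool:
    net = sample_network()
    return outputs_agree(net, random_encoding(net, "c", random.Random(seed)))


if __name__ == "__main__":
    net = sample_network()
    enc = encode_inputs(net, "c", flips=[1, 1, 0], perm=[2, 0, 1])
    print("boxes before/after:", len(net), len(enc), "outputs agree:", outputs_agree(net, enc))
    print("inputs of c are now:", enc["c"].inputs)
```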
- The final step is to generate executable code from the network of T-boxes, per step 64 of Figure 5.
- Each LKP operation can be represented by a call to a utility function. For an n-input LKP this requires n + 1 arguments; the extra argument is a pointer to the table of Boolean values to be used for that particular LKP operation.
- The utility function compresses its inputs into an index, indexes into its table to find the result, and returns that result.
- The body of the DES function then consists of an initial expansion of the sixty-four-bit input data block into sixty-four separate Boolean values, followed by a chain of T-box LKP routine calls, plus any needed loads and stores, implementing the desired Boolean DAG's connectivity, followed by a compression of the sixty-four result Booleans into a sixty-four-bit result value, which is returned.
- The number of arguments of the T-box LKP routine calls can be reduced by one, by taking advantage of the fact that the calls are chained together in a specific sequential order. One can therefore sequence through the tables used in the successive calls by having the utility routine index through a sequence of tables stored in just that sequential order. Thus, the tables can be implicit in the calls instead of being passed as an argument in each call. The body of the DES function would then begin by setting the appropriate starting state for iterating through these tables.
- The network of T-boxes is converted into calls to utility routines, with interspersed code to move outputs to inputs, as follows: 1. generate T-box utility calls by topologically sorting the T-box network in
- Virtual Machine Interpreter. A variation on the generation of executable code described above, which is somewhat more compact, is to utilise an interpreter for a T-box virtual machine (TVM) with some number (see below) of 1-bit registers.
- An interpreter is a program that directly executes high-level code, as opposed to a compiler, which generates machine language for execution.
- A virtual machine is a self-contained operating environment which can execute on a computer or similar device. The Java Virtual Machine, for example, will run the same way on any computer.
- The TVM contains a linear table of bits and a counter indicating how many of the bits in this linear table have been consumed.
- The linear table comprises the concatenation of the tables of all of the T-boxes in their intended execution order.
- Each TVM instruction comprises a series of fields, namely:
  a. bit consumption count, indicating how many bits of the linear table are to be consumed, that is, the size of the table for the T-box represented by this instruction;
  b. input count, indicating how many inputs this T-box has;
  c. a series of input register numbers, indicating which 1-bit register corresponds to which T-box input; and
  d. output register number, indicating which 1-bit register receives the result of the T-box lookup represented by this instruction.
- The TVM's program comprises a sequence of such instructions, followed by an instruction with a bit consumption count of 0, indicating termination of the program.
- The number of 1-bit registers needed is the largest number of values computed but not yet consumed at any point during execution of the particular executable T-box ordering chosen for the graph.
- A sixty-four element prefix of the TVM's 1-bit registers is filled with the data to be encrypted or decrypted, and at termination the same sixty-four element prefix contains the encrypted or decrypted result value.
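The TVM described above, as an added example in Python (not code from the patent). The instruction layout follows fields a to d; the interpreter's consumed-bit counter is the mechanism by which tables become implicit in the instruction order, as the previous section describes for the compiled variant. To keep the block runnable it uses a 4-bit data prefix instead of sixty-four bits, and the network it runs is the first row of DES S-box S1 expressed as four 4-input T-boxes plus four 1-input copy T-boxes that move the results back into the data prefix; that decomposition, the register assignment and the `compile_tboxes` helper are assumptions made for the example.

```python
"""A T-box virtual machine (TVM) interpreter and a tiny compiler for it (added example)."""
from dataclasses import dataclass
from typing import List, Sequence, Tuple


@dataclass(frozen=True)
class TVMInstruction:
    bit_count: int               # a. bits of the linear table consumed (0 terminates the program)
    input_count: int             # b. number of T-box inputs
    input_regs: Tuple[int, ...]  # c. register feeding each input, least significant first
    output_reg: int              # d. register receiving the lookup result


HALT = TVMInstruction(0, 0, (), 0)


def run_tvm(program: Sequence[TVMInstruction], bit_table: Sequence[int],
            registers: Sequence[int]) -> List[int]:
    """Execute `program` over `bit_table`, returning the final register file."""
    regs = list(registers)
    consumed = 0  # bits of the linear table used so far; the tables are implicit in the order
    for ins in program:
        if ins.bit_count == 0:
            break
        if ins.bit_count != 1 << ins.input_count or len(ins.input_regs) != ins.input_count:
            raise ValueError("instruction fields are inconsistent")
        index = sum(regs[r] << k for k, r in enumerate(ins.input_regs))
        regs[ins.output_reg] = bit_table[consumed + index]
        consumed += ins.bit_count
    return regs


def compile_tboxes(tboxes: Sequence[Tuple[Sequence[int], int, Sequence[int]]]
                   ) -> Tuple[List[TVMInstruction], List[int]]:
    """Turn (input_regs, output_reg, table) triples, already in execution order,
    into a TVM program plus the concatenated linear bit table."""
    program, bits = [], []
    for input_regs, output_reg, table in tboxes:
        if len(table) != 1 << len(input_regs):
            raise ValueError("table size must be 2**inputs")
        program.append(TVMInstruction(len(table), len(input_regs), tuple(input_regs), output_reg))
        bits.extend(table)
    program.append(HALT)
    return program, bits


# First row of DES S-box S1, used here as a 4-bit substitution on a 4-bit "block".
S1_ROW0 = [14, 4, 13, 1, 2, 15, 11, 8, 3, 10, 6, 12, 5, 9, 0, 7]


def sbox_program() -> Tuple[List[TVMInstruction], List[int], int]:
    """Four 4-input T-boxes compute the output bits into registers 4..7; four 1-input copy
    T-boxes then move them back into the data prefix 0..3. Returns (program, bits, registers)."""
    tboxes = []
    for j in range(4):
        table = [(S1_ROW0[i] >> j) & 1 for i in range(16)]  # index i packs input bits 0..3
        tboxes.append(((0, 1, 2, 3), 4 + j, table))
    for j in range(4):
        tboxes.append(((4 + j,), j, [0, 1]))                # identity T-box: copy reg 4+j to reg j
    program, bits = compile_tboxes(tboxes)
    return program, bits, 8  # at most 8 values are live at once (4 inputs plus 4 results)


def substitute(x: int) -> int:
    """Load nibble x into the data prefix, run the TVM, and unpack the prefix as the result."""
    program, bits, nregs = sbox_program()
    regs = [(x >> k) & 1 for k in range(4)] + [0] * (nregs - 4)
    final = run_tvm(program, bits, regs)
    return sum(final[k] << k for k in range(4))


if __name__ == "__main__":
    print([substitute(x) for x in range(16)])
```

The linear table for this program is 4 x 16 + 4 x 2 = 72 bits, and nothing in the program text says where one table ends and the next begins; only the bit consumption counts, interpreted in order, recover that boundary.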
- The tamper resistance and obfuscation are added to this unrolled code as follows:
- a. The principle of the bit-exploded coding technique is to convert n-bit variables into n Boolean variables. That is, each bit of the original variable is stored in a separate, new Boolean variable.
- Each such new Boolean variable may either be left unchanged or inverted by interchanging true and false. For a thirty-two-bit variable, this means there are 2^32, a little over 4 billion, bit-exploded codings to choose from. These variables and their transforms are recorded in a "phantom parallel program", so that the inversions can be rationalised with other equations and operations in the software. At this point the software code contains excessive bulk, but it may be reduced using conventional constant folding. The effect is that the cryptographic key has now completely disappeared, but the code bulk remains large.
- b. Further encoding is now performed by bit-exploded to bit-tabular optimization.
- Bit-exploded coding may produce data flow networks having subnetworks with the following properties: they have only a reasonably small number of inputs; and they are acyclic, that is, they contain no loops.
- Variables may be transformed in a bit-wise manner using de Morgan's laws. This encoding results in a substantial increase in the number of operations relative to the original program, except for operations which can be "factored out" because they can be done by reinterpreting which variables represent which bits, or which bits in the representation are inverted.
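Bit-exploded coding with the de Morgan "factoring out" of inversions, as an added example in Python (not code from the patent). The `Exploded` record stands in for the phantom parallel program: it is the only place where the chosen inversions are remembered. NOT and XOR then cost no gates at all (they only change the record), and AND of two inverted operands becomes OR of the stored bits with an inverted result, exactly the de Morgan rewrite. The mixed case, where only one operand is inverted, is where a NOT gate cannot be avoided, and the example counts those. The operation set and the gate-counting convention are assumptions made for the example.

```python
"""Bit-exploded coding with de Morgan factoring of inversions (added example)."""
import random
from dataclasses import dataclass
from typing import List, Tuple


@dataclass(frozen=True)
class Exploded:
    stored: Tuple[int, ...]      # the Boolean variables actually present in the code
    inverted: Tuple[bool, ...]   # phantom record: stored[k] == NOT bit k when True


def random_coding(width: int, rng: random.Random) -> Tuple[bool, ...]:
    """One of the 2**width codings, chosen at random."""
    return tuple(rng.random() < 0.5 for _ in range(width))


def explode(value: int, width: int, inverted: Tuple[bool, ...]) -> Exploded:
    """Split `value` into `width` Boolean variables under the given coding."""
    stored = tuple(((value >> k) & 1) ^ int(inv) for k, inv in enumerate(inverted))
    return Exploded(stored, tuple(inverted))


def collapse(e: Exploded) -> int:
    """Recover the plain value (only possible with the phantom record)."""
    return sum((s ^ int(inv)) << k for k, (s, inv) in enumerate(zip(e.stored, e.inverted)))


def exploded_not(e: Exploded) -> Exploded:
    """NOT costs nothing: only the phantom record changes."""
    return Exploded(e.stored, tuple(not inv for inv in e.inverted))


def exploded_xor(a: Exploded, b: Exploded) -> Exploded:
    """XOR of the stored bits is XOR of the plain bits up to an inversion,
    which is factored into the record instead of being removed with NOT gates."""
    stored = tuple(x ^ y for x, y in zip(a.stored, b.stored))
    inverted = tuple(p != q for p, q in zip(a.inverted, b.inverted))
    return Exploded(stored, inverted)


def exploded_and(a: Exploded, b: Exploded) -> Tuple[Exploded, int]:
    """Bitwise AND. Where both operands are stored inverted, de Morgan gives
    NOT(x) AND NOT(y) == NOT(x OR y): emit an OR and record the result as inverted.
    Where only one operand is inverted, one NOT gate is unavoidable and is counted.
    Returns (result, number of NOT gates emitted)."""
    stored: List[int] = []
    inverted: List[bool] = []
    not_gates = 0
    for x, y, ix, iy in zip(a.stored, b.stored, a.inverted, b.inverted):
        if ix and iy:
            stored.append(x | y)
            inverted.append(True)
        elif not ix and not iy:
            stored.append(x & y)
            inverted.append(False)
        else:
            stored.append((x ^ int(ix)) & (y ^ int(iy)))  # one NOT to align the encodings
            inverted.append(False)
            not_gates += 1
    return Exploded(tuple(stored), tuple(inverted)), not_gates


def check_coding(width: int = 32, seed: int = 5, trials: int = 200) -> bool:
    """Round-trip random values through explode/collapse and the exploded operations."""
    rng = random.Random(seed)
    mask = (1 << width) - 1
    for _ in range(trials):
        u, v = rng.getrandbits(width), rng.getrandbits(width)
        eu = explode(u, width, random_coding(width, rng))
        ev = explode(v, width, random_coding(width, rng))
        if collapse(eu) != u or collapse(exploded_not(eu)) != (~u & mask):
            return False
        if collapse(exploded_xor(eu, ev)) != u ^ v:
            return False
        result, _ = exploded_and(eu, ev)
        if collapse(result) != u & v:
            return False
    return True


if __name__ == "__main__":
    print("round trips ok:", check_coding())
```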
- The invention presents a new way to generate an implementation of DES with an implicit, hidden key. It is intended for use where key-hiding is important but the volume of data to be encrypted or decrypted is modest, so that a much slower implementation can be tolerated in order to achieve a greatly increased level of security. This approach injects a huge amount of random, arbitrary information into the structure of the hidden-key DES implementation.
- The effectiveness of the invention can only be defended on the basis of arguments.
- The invention is highly effective for the following reasons:
- The above method for hiding DES keys may be more useful if it is embedded in a larger program, and control flow encoding is used in concert with data flow encoding in the manner of the invention. This makes the above technique highly useful, since it is then no longer possible to extract the encryption and decryption routines in isolation.
- Biometric data stored in the software program could not be decrypted by simply extracting the encryption and decryption components from the software, because subsidiary techniques would be applied to make separation into components an even harder problem. Moreover, one would employ subsidiary tamper-resistant, secret-hiding methods to ensure that comparisons of biometric data do not compromise it, even when the attacker has full debugging access, and that the behaviour of the application performing such operations is not modifiable in any way useful to the attacker. Hence, the biometric information can be well protected both locally and globally.
- Encode 'Plain-Text' and 'Ciphertext' and Embed the DES
- The method steps of the invention may be embodied in sets of executable machine code stored in a variety of formats such as object code or source code. Such code is described generically herein as programming code, or a computer program, for simplicity. Clearly, the executable machine code may be integrated with the code of other programs, implemented as subroutines, by external program calls or by other techniques as known in the art.
- The embodiments of the invention may be executed by a computer processor or similar device programmed in the manner of method steps, or may be executed by an electronic system which is provided with means for executing these steps.
- An electronic memory medium may be programmed to execute such method steps. Suitable memory media would include serial access formats such as magnetic tape, or random access formats such as floppy disks, hard drives, computer diskettes, CD-ROMs, bubble memory, EEPROM, Random Access Memory (RAM), Read Only Memory (ROM) or similar computer software storage media known in the art.
- Electronic signals representing these method steps may also be transmitted via a communication network.
- Credit, debit, bank and smart cards could be encoded to apply the invention to their respective applications.
- An electronic commerce system in the manner of the invention could, for example, be applied to parking meters, vending machines, pay telephones, inventory control or rental cars, using magnetic strips or electronic circuits to store the software and passwords. Again, such implementations would be clear to one skilled in the art, and do not take away from the invention.
Landscapes
- Engineering & Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Theoretical Computer Science (AREA)
- Software Systems (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Signal Processing (AREA)
- General Physics & Mathematics (AREA)
- Computer Networks & Wireless Communication (AREA)
- Multimedia (AREA)
- Technology Law (AREA)
- Computer Hardware Design (AREA)
- Storage Device Security (AREA)
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
AU53796/00A AU5379600A (en) | 1999-06-09 | 2000-06-08 | Tamper resistant software encoding |
EP00938383A EP1192516A1 (en) | 1999-06-09 | 2000-06-08 | Tamper resistant software encoding |
CA002384360A CA2384360A1 (en) | 1999-06-09 | 2000-06-08 | Tamper resistant software encoding |
Applications Claiming Priority (4)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US09/329,117 US6594761B1 (en) | 1999-06-09 | 1999-06-09 | Tamper resistant software encoding |
US09/329,117 | 1999-06-09 | ||
US16489299P | 1999-11-10 | 1999-11-10 | |
US60/164,892 | 1999-11-10 |
Publications (1)
Publication Number | Publication Date |
---|---|
WO2000077596A1 true WO2000077596A1 (en) | 2000-12-21 |
Family
ID=26860961
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
PCT/CA2000/000677 WO2000077596A1 (en) | 1999-06-09 | 2000-06-08 | Tamper resistant software encoding |
Country Status (4)
Country | Link |
---|---|
EP (1) | EP1192516A1 (en) |
AU (1) | AU5379600A (en) |
CA (1) | CA2384360A1 (en) |
WO (1) | WO2000077596A1 (en) |
2000
- 2000-06-08 WO PCT/CA2000/000677 patent/WO2000077596A1/en not_active Application Discontinuation
- 2000-06-08 AU AU53796/00A patent/AU5379600A/en not_active Abandoned
- 2000-06-08 CA CA002384360A patent/CA2384360A1/en not_active Abandoned
- 2000-06-08 EP EP00938383A patent/EP1192516A1/en not_active Withdrawn
Patent Citations (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5892899A (en) * | 1996-06-13 | 1999-04-06 | Intel Corporation | Tamper resistant methods and apparatus |
WO1999003246A2 (en) * | 1997-04-14 | 1999-01-21 | Lucent Technologies Inc. | Methods and apparatus for enhanced security expansion of a secret key into a lookup table for improved security for wireless telephone messages |
WO1999001815A1 (en) * | 1997-06-09 | 1999-01-14 | Intertrust, Incorporated | Obfuscation techniques for enhancing software security |
Cited By (23)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US7707433B2 (en) | 1998-05-14 | 2010-04-27 | Purdue Research Foundation | Method and system for secure computational outsourcing and disguise |
US7770016B2 (en) | 1999-07-29 | 2010-08-03 | Intertrust Technologies Corporation | Systems and methods for watermarking software and other media |
US8140850B2 (en) | 1999-07-29 | 2012-03-20 | Intertrust Technologies Corporation | Systems and methods for watermarking software and other media |
US7757097B2 (en) | 1999-09-03 | 2010-07-13 | Purdue Research Foundation | Method and system for tamperproofing software |
US7287166B1 (en) | 1999-09-03 | 2007-10-23 | Purdue Research Foundation | Guards for application in software tamperproofing |
US7512986B2 (en) | 2001-03-28 | 2009-03-31 | Nds Limited | Digital rights management system and method |
EP2267626A2 (en) | 2001-03-28 | 2010-12-29 | NDS Limited | Digital rights management system and method |
US7920702B2 (en) | 2001-03-28 | 2011-04-05 | Nds Limited | Digital rights management system and method |
US7305564B2 (en) | 2002-12-19 | 2007-12-04 | International Business Machines Corporation | System and method to proactively detect software tampering |
US7707429B2 (en) | 2002-12-19 | 2010-04-27 | International Business Machines Corporation | System and method to proactively detect software tampering |
US8510571B1 (en) | 2003-03-24 | 2013-08-13 | Hoi Chang | System and method for inserting security mechanisms into a software program |
US8539459B2 (en) | 2003-08-20 | 2013-09-17 | Rovi Europe Limited | Code obfuscation and controlling a processor by emulation |
US8856500B2 (en) | 2008-02-06 | 2014-10-07 | Nxp B.V. | Obfuscating program by scattering sequential instructions into memory regions such that jumps occur with steps of both signs in equal frequency |
US8621187B2 (en) | 2008-02-11 | 2013-12-31 | Nxp, B.V. | Method of program obfuscation and processing device for executing obfuscated programs |
EP2605445A1 (en) * | 2011-12-14 | 2013-06-19 | Siemens Aktiengesellschaft | Method and apparatus for securing block ciphers against template attacks |
EP2682865A1 (en) * | 2012-07-05 | 2014-01-08 | Vector Informatik GmbH | Method for communicating with a control programme of a control device and application modules for same |
EP2892175A1 (en) * | 2013-12-26 | 2015-07-08 | Nxp B.V. | Secure software components anti-reverse-engineering by table interleaving |
US9576116B2 (en) | 2013-12-26 | 2017-02-21 | Nxp B.V. | Secure software components anti-reverse-engineering by table interleaving |
CN107580765A (en) * | 2015-01-27 | 2018-01-12 | Arris Enterprises Llc | Obfuscation for protection of streaming media and other data flows |
CN107580765B (en) * | 2015-01-27 | 2021-10-26 | Arris Enterprises Llc | Obfuscation for protection of streaming media and other data flows |
US11269621B2 (en) * | 2015-01-27 | 2022-03-08 | Arris Enterprises Llc | Obfuscation for protection of streaming media and other data flows |
US11816477B2 (en) | 2015-01-27 | 2023-11-14 | Arris Enterprises Llc | Obfuscation for protection of streaming media and other data flows |
US11055409B2 (en) | 2019-01-06 | 2021-07-06 | Nuvoton Technology Corporation | Protected system |
Also Published As
Publication number | Publication date |
---|---|
EP1192516A1 (en) | 2002-04-03 |
AU5379600A (en) | 2001-01-02 |
CA2384360A1 (en) | 2000-12-21 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US9910971B2 (en) | System and method of interlocking to protect software-mediated program and device behaviours | |
JP5249053B2 (en) | Data processing system integrity | |
CN104981813B (en) | Coding is identified using dynamic data to protect addressable system | |
Bogdanov et al. | Towards practical whitebox cryptography: optimizing efficiency and space hardness | |
US7464269B2 (en) | Secure method and system for handling and distributing digital media | |
CN106888080B (en) | Protecting white-box feistel network implementations from false attacks | |
CN101491001A (en) | Tamper resistance of a digital data processing unit | |
EP1350154A2 (en) | System and method for protecting computer software from a white box attack | |
EP1421457A2 (en) | Method and system for generating sustainable digital watermarks | |
EP1192516A1 (en) | Tamper resistant software encoding | |
Unterluggauer et al. | MEAS: Memory encryption and authentication secure against side-channel attacks | |
CN105978680B (en) | Encryption operation method for encryption key | |
WO2006038104A1 (en) | Method and apparatus for generating cryptographic sets of instructions automatically and code generation | |
CN106209346B (en) | White-box cryptography interleaving lookup table | |
Brier et al. | Fast primitives for internal data scrambling in tamper resistant hardware | |
WO2008101340A1 (en) | System and method for interlocking to protect software-mediated program and device behaviours | |
Mokhnache | Implementation of advanced information-processing algorithms dedicated to encryption and cryptanalysis | |
CA2454761A1 (en) | Secure method and system for handling and distributing digital media | |
Rigot | Attacks on white-box AES | |
Unterluggauer et al. | MEAS: Memory Encryption and Authentication Secure Against Side-Channel Attacks Using Unprotected Primitives |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
| AK | Designated states | Kind code of ref document: A1. Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BY CA CH CN CR CU CZ DE DK DM DZ EE ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NO NZ PL PT RO RU SD SE SG SI SK SL TJ TM TR TT TZ UA UG US UZ VN YU ZA ZW |
| AL | Designated countries for regional patents | Kind code of ref document: A1. Designated state(s): GH GM KE LS MW MZ SD SL SZ TZ UG ZW AM AZ BY KG KZ MD RU TJ TM AT BE CH CY DE DK ES FI FR GB GR IE IT LU MC NL PT SE BF BJ CF CG CI CM GA GN GW ML MR NE SN TD TG |
| 121 | Ep: the epo has been informed by wipo that ep was designated in this application | |
| REG | Reference to national code | Ref country code: DE. Ref legal event code: 8642 |
| WWE | Wipo information: entry into national phase | Ref document number: 2384360. Country of ref document: CA |
| WWE | Wipo information: entry into national phase | Ref document number: 2000938383. Country of ref document: EP |
| WWP | Wipo information: published in national office | Ref document number: 2000938383. Country of ref document: EP |
| WWE | Wipo information: entry into national phase | Ref document number: 10031834. Country of ref document: US |
| NENP | Non-entry into the national phase | Ref country code: JP |
| WWW | Wipo information: withdrawn in national office | Ref document number: 2000938383. Country of ref document: EP |