Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Method for effective tamper resistance

a tamper resistance and effective technology, applied in the field of software security, can solve the problems of weakening the overall strength of tamper resistance, limiting the usefulness, and common limitations, and achieve the effect of preventing malicious users from analyzing and modifying software conten

Inactive Publication Date: 2008-06-19
IBM CORP
View PDF1 Cites 55 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Benefits of technology

[0116]It is an object of this invention to provide a method, system, and program product for preventing a malicious user from analyzing and modifying software content.
[0119]The invention also solves the initial key weakness in the Branch-Based scheme of [10] by using the subgroup extension. Now, like the Branch-Based technique, any key in the subgroup can be used to start the program. This eliminates the need for any special protection on the initial key.
[0120]As with the original techniques, some performance and size impact was to be expected. However, evaluation shows that through careful implementation the impact incurred can be tolerable. Overall, the subgroup extension improves the strength of both the Event fog-Based and the Branch-Based tamper resistance techniques without significantly impacting the size or performance of the applications.

Problems solved by technology

Because of this, they both suffer from a common limitation associated with the placement of either the integrity checks or the call to the branch function.
Restricting these placements to points along a deterministic path can limit the usefulness and weaken the overall strength of the tamper resistance capabilities.

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Method for effective tamper resistance
  • Method for effective tamper resistance
  • Method for effective tamper resistance

Examples

Experimental program
Comparison scheme
Effect test

first embodiment

[0143]In a first embodiment, the correct, key value can be transformed into an invariant in the program. If the key evolves incorrectly, the transformation will yield an incorrect constant value which will adversely affect program behavior.

second embodiment

[0144]In a second embodiment, the program can use the key value to encrypt some crucial code, so only the correctly calculated key can decrypt the code correctly for proper program execution.

third embodiment

[0145]In a third embodiment, a more obfuscation-oriented approach uses the key value in a branch function to determine the correct target address. If the key value is wrong, the program will jump to an incorrect target address and the program will ultimately execute incorrectly.

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

A system, method, and computer program product for preventing a malicious user from analyzing and modifying software content. The one-way functions used in prior art systems using dynamically evolving audit logs or self-modifying applications are replaced with a one-way function based on group theory. With this modification, untampered key evolution will occur inside a defined mathematical group such that all valid key values form a subgroup. However, if the program is altered, the key will evolve incorrectly and will no longer be a member of the subgroup. Once the key value is outside of the subgroup, it is not possible to return it to the subgroup. The present invention provides a limited total number of valid keys. The key evolution points are not restricted to locations along the deterministic path, so the key can be used in various novel ways to regulate the program's behavior, including in non-deterministic execution paths.

Description

CROSS-REFERENCE TO RELATED APPLICATIONS [0001]This invention is related to commonly-owned pending U.S. patent applications, each of which is hereby incorporated by reference:[0002]U.S. Ser. No. 10 / 249,130, filed Dec. 19, 2002, entitled “System and Method to Proactive! y Detect Software Tampering”, published Jun. 24, 2004 as USPA. 2004 / 0123116A1 and referred to hereafter as the '130 invention or the Event-Log Based invention.[0003]U.S. Ser. No. 11 / 066,934, filed Feb. 26, 2005, entitled “System, Method, and Service for Detecting Improper Manipulation of an Application”, referred to hereafter as the '934 invention or the Branch-Based invention.FIELD OF THE INVENTION [0004]This invention relates generally to the field of software security and more specifically to preventing a malicious user from analyzing and modifying software content,BACKGROUND OF THE INVENTION [0005]Whenever software is sold, there is the possibility that a malicious user will tamper with the software to extract secr...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): G06F11/30
CPCG06F21/14
Inventor JIN, HONGXIALOTSPIECH, JEFFREY BRUCEMYLES, GINGER M.
Owner IBM CORP
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com