Security Protection of Software Programs by Information Sharing and Authentication Techniques Using Invisible ASCII Control Code

A new method for software program protection by information sharing and authentication techniques using invisible ASCII control codes is proposed. A scheme for sharing a secret source program written in Visual C++ among a group of participants, each holding a camouflage program to hide a share, is first proposed for safe keeping of the secret program. Only when all the shares hidden in the camouflage programs are collected can the secret program be recovered. The secret program, after being exclusive-ORed with all the camouflage programs, is divided into shares. Each share is encoded next into a sequence of special ASCII control codes which are invisible when the codes are inserted in the comment of the Visual C program and viewed in the window of the Microsoft VC editor. These invisible codes then are hidden in the camouflage program, resulting in a stegoprogram for a participant to keep. Each stego-program can still be compiled and executed to perform the original function of the camouflage program. A secret program recovery scheme is also proposed. To enhance security under the assumption that the sharing and recovery algorithms are known to the public, three security measures via the use of a secret random key are also proposed, which not only can prevent the secret program from being recovered illegally without providing the secret key, but also can authenticate the stego-program provided by each participant, during the recovery process, by checking whether the share or the camouflage program content in the stego-program have been tampered with incidentally or intentionally. Experimental results show the feasibility of the proposed method.