Self-encrypting Code to Protect Against Analysis and Tampering
نویسنده
چکیده
Confidentiality and data authenticity are two basic concepts in security. The first guarantees secrecy of a message, while the latter protects its integrity. This paper examines the use of encryption to secure software static analysis and tampering attacks. We present the concept of code encryption, which offers confidentiality, and a method to create code dependencies that implicitly protect integrity. For the latter we propose several dependency schemes based on a static call graph which allow runtime code decryption simultaneous with code verification. If code is modified statically or dynamically, it will result in incorrect decryption of other code, producing a corrupted executable.
منابع مشابه
From Single-Bit to Multi-bit Public-Key Encryption via Non-malleable Codes
One approach towards basing public-key encryption (PKE) schemes on weak and credible assumptions is to build “stronger” or more general schemes generically from “weaker” or more restricted ones. One particular line of work in this context was initiated by Myers and shelat (FOCS ’09) and continued by Hohenberger, Lewko, and Waters (Eurocrypt ’12), who provide constructions of multi-bit CCA-secur...
متن کاملCode Obfuscation Techniques for Software Protection
An important security problem is to protect software against malicious host attacks. Since the malicious hosts are responsible for the program’s execution, there seems little the program can do to protect itself from disclosure, tampering and incorrect execution [7]. This paper will review some existing code obfuscation techniques for protecting software against those attacks. We will focus our...
متن کاملA new security proof for FMNV continuous non-malleable encoding scheme
A non-malleable code is a variant of an encoding scheme which is resilient to tampering attacks. The main idea behind non-malleable coding is that the adversary should not be able to obtain any valuable information about the message. Non-malleable codes are used in tamper-resilient cryptography and protecting memories against tampering attacks. Many different types of non-malleability have alre...
متن کاملThird International Workshop on Code Based Software Security Assessments —
Despite current software protection techniques, ap-plications are still analysed, tampered with, and abused on a largescale. Crackers compensate for each new protection technique byadapting their analysis and tampering tools. This paper presentsa low-cost mechanism to effectively protect software againstglobal tampering attacks. By introducing diversity per programmeinst...
متن کاملSecuring Android Code Using White Box Cryptography and Obfuscation Techniques
Code obfuscation is a set of program transformations that make program code and program execution difficult to analyze. First of all, obfuscation hinders manual inspection of program internals. By renaming variables and functions, and breaking down structures, it protects against reverse-engineering. It protects both storage and usage of keys, and it can hide certain properties such as a softwa...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2006