A Metric-Based Scheme for Evaluating Tamper Resistant Software Systems
نویسندگان
چکیده
The increase use of software tamper resistance techniques to protect software against undesired attacks comes an increased need to understand more about the strength of these tamper resistance techniques. Currently the understanding is rather general. In this paper we propose a new software tamper resistance evaluation technique. Our main contribution is to identify a set of issues that a tamper resistant system must deal with and show why these issues must be dealt with in order to secure a software system. Using the identified issues as criteria, we can measure the actual protection capability of a TRS system implementation and provide guidance on potential improvements on the implementation. We can also enable developers to compare the protection strength between differently implemented tamper resistance systems. While the set of criteria we identified in this paper is by no means complete, our framework allows easy extension of adding new criteria in future. keywords: Software Tamper Resistance, Evaluation, Metrics
منابع مشابه
Conqueror: Tamper-Proof Code Execution on Legacy Systems
We present Conqueror, a software-based attestation scheme for tamper-proof code execution on untrusted legacy systems. Beside providing load-time attestation of a piece of code, Conqueror also ensures run-time integrity. Conqueror constitutes a valid alternative to trusted computing platforms, for systems lacking specialized hardware for attestation. We implemented a prototype, specific for the...
متن کاملThe aegis Processor Architecture for Tamper-Evident and Tamper-Resistant Processing
We describe the architecture of the aegis processor which can be used to build computing systems secure against both physical and software attacks. aegis assumes that the operating system and all components external to it, such as memory, are untrusted. aegis provides tamper-evident, authenticated environments in which any physical or software tampering by the adversary is guaranteed to be dete...
متن کاملTowards a Formal Model for Software Tamper Resistance
A major challenge in software protection is the problem of tampering where an adversary modifies a program and uses it in a way that was not intended or desired. Several ad hoc techniques for software tamper resistance have been proposed, some of which provide a significant level of resilience against tampering. However, the literature lacks a formal definition of tampering that takes into acco...
متن کاملSelf authentication path insertion in FPGA-based design flow for tamper-resistant purpose
FPGA platforms have been widely used in many modern digital applications due to their low prototyping cost, short time-to-market and flexibility. Field-programmability of FPGA bitstream has made it as a flexible and easy-to-use platform. However, access to bitstream degraded the security of FPGA IPs because there is no efficient method to authenticate the originality of bitstream by the FPGA pr...
متن کاملA new security proof for FMNV continuous non-malleable encoding scheme
A non-malleable code is a variant of an encoding scheme which is resilient to tampering attacks. The main idea behind non-malleable coding is that the adversary should not be able to obtain any valuable information about the message. Non-malleable codes are used in tamper-resilient cryptography and protecting memories against tampering attacks. Many different types of non-malleability have alre...
متن کامل