CN110383275B - 用于程序代码的计算机辅助的代码混淆的方法 - Google Patents

用于程序代码的计算机辅助的代码混淆的方法 Download PDF

Info

Publication number
CN110383275B
CN110383275B CN201780088267.2A CN201780088267A CN110383275B CN 110383275 B CN110383275 B CN 110383275B CN 201780088267 A CN201780088267 A CN 201780088267A CN 110383275 B CN110383275 B CN 110383275B
Authority
CN
China
Prior art keywords
program code
value
calculation step
mask
code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Active
Application number
CN201780088267.2A
Other languages
English (en)
Chinese (zh)
Other versions
CN110383275A (zh
Inventor
J.兹万茨格
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Siemens Corp
Original Assignee
Siemens Corp
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Siemens Corp filed Critical Siemens Corp
Publication of CN110383275A publication Critical patent/CN110383275A/zh
Application granted granted Critical
Publication of CN110383275B publication Critical patent/CN110383275B/zh
Active legal-status Critical Current
Anticipated expiration legal-status Critical

Links

Classifications

    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/14Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/106Enforcing content protection by specific content processing
    • G06F21/1066Hiding content
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/52Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow
    • G06F21/54Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity ; Preventing unwanted data erasure; Buffer overflow by adding security routines or objects to programs
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/60Software deployment
    • G06F8/61Installation
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F9/00Arrangements for program control, e.g. control units
    • G06F9/06Arrangements for program control, e.g. control units using stored programs, i.e. using an internal store of processing equipment to receive or retain programs
    • G06F9/30Arrangements for executing machine instructions, e.g. instruction decode
    • G06F9/30003Arrangements for executing specific machine instructions
    • G06F9/30007Arrangements for executing specific machine instructions to perform operations on data operands
    • G06F9/30029Logical and Boolean instructions, e.g. XOR, NOT
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L2209/00Additional information or applications relating to cryptographic mechanisms or cryptographic arrangements for secret or secure communication H04L9/00
    • H04L2209/16Obfuscation or hiding, e.g. involving white box
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L9/00Cryptographic mechanisms or cryptographic arrangements for secret or secure communications; Network security protocols
    • H04L9/002Countermeasures against attacks on cryptographic mechanisms
    • YGENERAL TAGGING OF NEW TECHNOLOGICAL DEVELOPMENTS; GENERAL TAGGING OF CROSS-SECTIONAL TECHNOLOGIES SPANNING OVER SEVERAL SECTIONS OF THE IPC; TECHNICAL SUBJECTS COVERED BY FORMER USPC CROSS-REFERENCE ART COLLECTIONS [XRACs] AND DIGESTS
    • Y04INFORMATION OR COMMUNICATION TECHNOLOGIES HAVING AN IMPACT ON OTHER TECHNOLOGY AREAS
    • Y04SSYSTEMS INTEGRATING TECHNOLOGIES RELATED TO POWER NETWORK OPERATION, COMMUNICATION OR INFORMATION TECHNOLOGIES FOR IMPROVING THE ELECTRICAL POWER GENERATION, TRANSMISSION, DISTRIBUTION, MANAGEMENT OR USAGE, i.e. SMART GRIDS
    • Y04S40/00Systems for electrical power generation, transmission, distribution or end-user application management characterised by the use of communication or information technologies, or communication or information technology specific aspects supporting them
    • Y04S40/20Information technology specific aspects, e.g. CAD, simulation, modelling, system security

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Storage Device Security (AREA)
CN201780088267.2A 2017-03-10 2017-12-13 用于程序代码的计算机辅助的代码混淆的方法 Active CN110383275B (zh)

Applications Claiming Priority (3)

Application Number Priority Date Filing Date Title
DE102017204020.3 2017-03-10
DE102017204020.3A DE102017204020A1 (de) 2017-03-10 2017-03-10 Verfahren zur rechnergestützten Obfuskation von Programmcode
PCT/EP2017/082508 WO2018162107A1 (de) 2017-03-10 2017-12-13 Verfahren zur rechnergestützten obfuskation von programmcode

Publications (2)

Publication Number Publication Date
CN110383275A CN110383275A (zh) 2019-10-25
CN110383275B true CN110383275B (zh) 2023-08-22

Family

ID=61054302

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201780088267.2A Active CN110383275B (zh) 2017-03-10 2017-12-13 用于程序代码的计算机辅助的代码混淆的方法

Country Status (7)

Country Link
US (1) US11341216B2 (enExample)
EP (1) EP3577588B1 (enExample)
JP (1) JP6919973B2 (enExample)
KR (1) KR102336521B1 (enExample)
CN (1) CN110383275B (enExample)
DE (1) DE102017204020A1 (enExample)
WO (1) WO2018162107A1 (enExample)

Families Citing this family (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP3609240A1 (de) 2018-08-09 2020-02-12 Siemens Aktiengesellschaft Computerimplementiertes verfahren und netzwerkzugangsserver zum verbinden einer netzwerkkomponente mit einem netzwerk, insbesondere einem mobilfunknetz, mit einem erweiterten netzwerkzugangskennzeichen
US11456855B2 (en) * 2019-10-17 2022-09-27 Arm Limited Obfuscating data at-transit
US20210303662A1 (en) * 2020-03-31 2021-09-30 Irdeto B.V. Systems, methods, and storage media for creating secured transformed code from input code using a neural network to obscure a transformation function
US11954213B2 (en) 2021-09-13 2024-04-09 International Business Machines Corporation Obfuscating intelligent data while preserving reserve values

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5892899A (en) * 1996-06-13 1999-04-06 Intel Corporation Tamper resistant methods and apparatus
WO2009010338A1 (de) * 2007-07-13 2009-01-22 Siemens Aktiengesellschaft Verfahren zur rechnergestützten obfuskierung eines softwareprogramms und computerprogrammprodukt
EP2937803A1 (en) * 2014-04-23 2015-10-28 Nxp B.V. Control flow flattening for code obfuscation where the next block calculation needs run-time information

Family Cites Families (13)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP3627384B2 (ja) * 1996-01-17 2005-03-09 富士ゼロックス株式会社 ソフトウェアの保護機能付き情報処理装置及びソフトウェアの保護機能付き情報処理方法
JP2003280755A (ja) 2002-03-25 2003-10-02 Nec Corp 自己復元型プログラム、プログラム生成方法及び装置、情報処理装置並びにプログラム
JP2003280754A (ja) 2002-03-25 2003-10-02 Nec Corp 隠蔽化ソースプログラム、ソースプログラム変換方法及び装置並びにソース変換プログラム
US7133525B1 (en) * 2002-05-17 2006-11-07 Communication Security Apparatus Corp. Communication security apparatus and method of using same
US8667301B2 (en) * 2010-04-01 2014-03-04 Apple Inc. Obfuscating transformations on data array content and addresses
US9274976B2 (en) * 2010-11-05 2016-03-01 Apple Inc. Code tampering protection for insecure environments
US10191754B2 (en) * 2012-01-09 2019-01-29 Koninklijke Philips N.V. Virtual machine device having key driven obfuscation and method
US8756435B2 (en) * 2012-03-02 2014-06-17 Apple Inc. Obfuscation of control flow of software
US9336370B2 (en) * 2012-12-06 2016-05-10 Apple Inc. Method and apparatus for dynamic obfuscation of static data
KR101328012B1 (ko) 2013-08-12 2013-11-13 숭실대학교산학협력단 애플리케이션 코드 난독화 장치 및 그 방법
US10599820B2 (en) * 2014-04-23 2020-03-24 Nxp B.V. Control flow flattening for code obfuscation where the next block calculation needs run-time information
US9830326B2 (en) * 2015-06-15 2017-11-28 Ca, Inc. Identifying data offsets using binary masks
KR101619458B1 (ko) 2016-03-02 2016-05-10 (주)케이사인 애플리케이션 코드 난독화 장치 및 이를 이용한 애플리케이션 코드 난독화 방법

Patent Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5892899A (en) * 1996-06-13 1999-04-06 Intel Corporation Tamper resistant methods and apparatus
WO2009010338A1 (de) * 2007-07-13 2009-01-22 Siemens Aktiengesellschaft Verfahren zur rechnergestützten obfuskierung eines softwareprogramms und computerprogrammprodukt
EP2937803A1 (en) * 2014-04-23 2015-10-28 Nxp B.V. Control flow flattening for code obfuscation where the next block calculation needs run-time information

Also Published As

Publication number Publication date
EP3577588A1 (de) 2019-12-11
DE102017204020A1 (de) 2018-09-13
CN110383275A (zh) 2019-10-25
US20200042677A1 (en) 2020-02-06
JP2020510935A (ja) 2020-04-09
US11341216B2 (en) 2022-05-24
JP6919973B2 (ja) 2021-08-18
KR102336521B1 (ko) 2021-12-06
WO2018162107A1 (de) 2018-09-13
EP3577588B1 (de) 2021-09-01
KR20190122837A (ko) 2019-10-30

Similar Documents

Publication Publication Date Title
CN110383275B (zh) 用于程序代码的计算机辅助的代码混淆的方法
CN110162981B (zh) 数据处理方法及装置
CN106126981B (zh) 基于虚拟函数表替换的软件安全防护方法
EP2388730A1 (en) Method for generating software code
CN104951674B (zh) 用于应用程序的信息隐藏方法
FI3844647T3 (fi) Järjestelmä ja menetelmä suojatun tietojen tallennuksen tarjoamiseksi datamuistiin
CN109765856A (zh) 安全逻辑系统及操作安全逻辑系统的方法
CN112100582A (zh) 一种应用强对称加密保护软件分发安全的方法
KR20180098172A (ko) 알고리즘으로의 마스킹의 자동 삽입
CN104200137A (zh) 一种保护java程序自身安全的方法
CN104392154A (zh) 一种加密方法
CN110505054B (zh) 一种基于动态白盒的数据处理方法、装置及设备
CN109598105B (zh) 一种微控制器安全加载固件的方法、装置、计算机设备及存储介质
CN108182358B (zh) 文件保护方法、装置、计算设备及计算机存储介质
CN108932407B (zh) 一种程序安全保护方法及装置
CN113938270A (zh) 弹性降低复杂度的数据加密方法和装置
KR101699176B1 (ko) Hdfs 데이터 암호화 및 복호화 방법
CN108021790B (zh) 文件保护方法、装置、计算设备及计算机存储介质
US8862896B2 (en) Data protection using key translation
CN111602367B (zh) 用于保护在使白盒密码算法安全的对策中使用的熵源的方法
CN104866740A (zh) 一种防静态分析文件的方法及装置
WO2021175614A1 (en) Method for protecting a data in a software application
CN114254335A (zh) 基于gpu的加密方法、装置、加密设备及存储介质
CN112214776A (zh) 一种基于卷积神经网络的加密、解密方法及装置
Gomez et al. Functional comparison of the present algorithm on hardware and software embedded platforms

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination
GR01 Patent grant
GR01 Patent grant