WO2005098570A1 - Execution device - Google Patents


Info

Publication number
WO2005098570A1
Authority
WO
WIPO (PCT)
Prior art keywords
code
encryption
memory
execution device
class
Application number
PCT/JP2005/006307
Other languages
English (en)
Japanese (ja)
Inventor
Mitsuru Kurotaki
Tomonori Nakamura
Original Assignee
Matsushita Electric Industrial Co., Ltd.
Application filed by Matsushita Electric Industrial Co., Ltd.
Publication of WO2005098570A1


Classifications

    • G PHYSICS
    • G06 COMPUTING; CALCULATING OR COUNTING
    • G06F ELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10 Protecting distributed programs or content, e.g. vending or licensing of copyrighted material; Digital rights management [DRM]
    • G06F21/12 Protecting executable software
    • G06F21/121 Restricting unauthorised execution of programs

Definitions

  • the present invention relates to a technology for preventing eavesdropping and falsification of a program, and more particularly to a technology for preventing a program being executed from being eavesdropped and falsified during execution of the program.
  • These applications include those originally built into the device, those purchased and loaded by the user, and those provided by a program distribution service.
  • the programs provided by the program distribution service are, for example, downloaded via the Internet or multiplexed with digital broadcast waves and transmitted.
  • Patent Document 1 JP 2002-132364 A
  • an object of the present invention is to provide an execution device that prevents eavesdropping and tampering of not only an intermediate code but also a native code.
  • an execution device of the present invention is an execution device that executes an application program having a plurality of parts each including instructions, and includes native code creating means for creating, for each part, native code in a specific memory area, encrypting the created native code to create an encrypted code, then deleting the created native code and storing the created encrypted code in encrypted code storage means;
  • decrypting means for decrypting an encrypted code stored in the encrypted code storage means and creating native code in the specific memory area, the encrypted code corresponding to a part being decrypted by the decrypting means when that part is executed; and
  • execution control means for deleting the executed native code after executing the native code.
  • the execution device has the above configuration, whereby the native code in the virtual machine is encrypted, and when executed, only the execution range is in a decrypted state. As a result, the chances of eavesdropping and tampering by a third party can be greatly reduced.
  • the application program further carries, for each part, confidentiality information indicating whether or not that part is to be encrypted.
  • the native code creation unit and the execution control unit may include the confidentiality information shown in FIG. 4 and process only the part that indicates that the confidentiality information is encrypted.
  • the execution device can perform encryption only when the confidentiality of the application is high, so that the application can be protected from eavesdropping and tampering without reducing the execution speed.
  • the confidentiality information may further include information indicating a degree of confidentiality.
  • the native code creating unit performs encryption only when the confidentiality information indicates that the part is to be encrypted.
  • An encryption code encrypted with the encryption method determined based on the confidentiality information may be created.
  • the portion may be a series of instructions including no branch instruction.
  • the application program may be created in an object-oriented language, and the part may be a method.
  • the part may be one instruction.
  • the execution device of the present invention is an execution device that executes an application program having a plurality of parts composed of instructions, and includes access means for permitting or prohibiting read and write access to a predetermined memory area;
  • native code creating means for causing the access means to permit write access to the predetermined memory area, creating native code from a part in the predetermined memory area, and then
  • causing the access means to prohibit write access to the predetermined memory area; and execution control means for, when executing a part, causing the access means to permit read access to the predetermined memory area, reading and executing the native code corresponding to the part, and then
  • causing the access means to prohibit read access to the predetermined memory area.
  • the execution device can store the native code in an inaccessible area and read it only when executing the native code. The chances of eavesdropping and tampering can be greatly reduced.
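The access-control protocol of this second embodiment, modeled as an added example that is not the patent's own code: the predetermined memory area starts out neither readable nor writable (the FIG. 16(b) state), the native code creating means opens a write window only while a compiled part is written into it, and the execution control means opens a read window only while the native code is fetched and run. The class and function names (PredeterminedMemoryArea, create_native_code, execute_part, read_is_denied) and the compile and run callbacks are assumptions; a real device enforces the attributes with page-table permissions, which this pure-Python model only simulates, adding an audit log and a size check that the page does not mention.

```python
from typing import Callable, List


class PredeterminedMemoryArea:
    """Area guarded by the 'access means' of the second embodiment: read and write
    access are each permitted or prohibited explicitly, every change is logged, and
    the default state is the FIG. 16(b) one, neither readable nor writable.
    Constructed model: a real system enforces this with page-table attributes."""

    def __init__(self, size: int) -> None:
        self._cells = bytearray(size)
        self.readable = False
        self.writable = False
        self.log: List[str] = []

    def set_access(self, *, read=None, write=None) -> None:
        if read is not None:
            self.readable = read
            self.log.append("read " + ("permitted" if read else "prohibited"))
        if write is not None:
            self.writable = write
            self.log.append("write " + ("permitted" if write else "prohibited"))

    def write(self, data: bytes) -> None:
        if not self.writable:
            raise PermissionError("write access to the predetermined memory area is prohibited")
        if len(data) > len(self._cells):
            raise ValueError("native code does not fit the predetermined memory area")
        self._cells[:len(data)] = data

    def read(self, length: int) -> bytes:
        if not self.readable:
            raise PermissionError("read access to the predetermined memory area is prohibited")
        return bytes(self._cells[:length])


def create_native_code(area: PredeterminedMemoryArea, part: bytes,
                       compile_part: Callable[[bytes], bytes]) -> int:
    """Native code creating means: the write window is open only while the compiled
    part is written, and is closed again even if the write fails. Returns the length."""
    native = compile_part(part)
    area.set_access(write=True)
    try:
        area.write(native)
    finally:
        area.set_access(write=False)
    return len(native)


def execute_part(area: PredeterminedMemoryArea, length: int,
                 run: Callable[[bytes], object]):
    """Execution control means: permit reading, fetch and run the native code, then
    prohibit reading again."""
    area.set_access(read=True)
    try:
        return run(area.read(length))
    finally:
        area.set_access(read=False)


def read_is_denied(area: PredeterminedMemoryArea) -> bool:
    """True when the area refuses a read outside an execution window."""
    try:
        area.read(1)
    except PermissionError:
        return True
    return False
```

Both window functions close the window in a `finally` clause, so a failed compile or a faulting run never leaves the area readable or writable; the log makes the expected four-step sequence (write permitted, write prohibited, read permitted, read prohibited) checkable in a review.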
  • FIG. 1 is a diagram showing a configuration of an execution device according to the present invention.
  • FIG. 2 is a diagram showing a configuration example of a class file.
  • FIG. 3 is a diagram showing a configuration example of a class block.
  • FIG. 4 (a) is a diagram showing a configuration example of a class header
  • FIG. 4 (b) is a diagram showing a configuration example of a method header.
  • FIG. 5 (a) is a diagram illustrating an example of the content of encryption strength information
  • FIG. 5 (b) is a diagram illustrating a configuration example and an example of content of division information.
  • FIG. 6 is a diagram illustrating a configuration example and a content example of encryption method information.
  • FIG. 7 is a diagram illustrating a configuration example and a content example of encryption key information.
  • FIG. 8 is a flowchart showing a process of the execution device 1000.
  • FIG. 9 is a flowchart showing a class loading process and a diagram showing contents of a first memory.
  • FIG. 10 is a flowchart showing a verifying process and a diagram showing contents of a first memory.
  • FIG. 11 is a flowchart showing a method execution process and a diagram showing contents of a first memory.
  • FIG. 12 is a flowchart illustrating a JIT compilation process and a diagram illustrating contents of a first memory.
  • FIG. 13 is a flowchart showing an optimization process and a diagram showing contents of a first memory.
  • FIG. 14 is a flowchart showing an encryption process, and shows contents of a first memory and a second memory.
  • FIG. 15 is a flowchart showing a decryption process, and a diagram showing contents of a first memory and a second memory.
  • FIG. 16 is a diagram illustrating a configuration of a memory according to a second embodiment.
  • FIG. 16 (a) is a diagram showing a state in which a readable attribute on the memory is set
  • FIG. 16 (b) is a diagram showing a state in which a non-readable attribute on the memory is set.
  • FIG. 17 is a diagram illustrating a configuration of a conventional technique.
  • the execution device focuses on the fact that, when an application is executed, not all of its instructions are executed sequentially, because of branch instructions and the like, and that a part is executed for the first time only after passing through multiple processes such as verification and optimization; it protects the class from eavesdropping and tampering in this situation.
  • when the class is loaded, the class is divided into a plurality of parts, and each divided part is encrypted and arranged on the memory.
  • the present invention is characterized in that it is possible to freely change the degree of encryption according to the importance of the application.
  • the degree of confidentiality of an application can only be known by the creator or the user when creating the application.
  • the execution device can specify the encryption strength for a specific divided part of a class, so that encryption can be omitted for a part of low confidentiality and a different encryption method can be used for a part of relatively high confidentiality. In addition, by encrypting each divided part with a different encryption key, the overall encryption strength can be increased.
  • FIG. 1 is a diagram illustrating a configuration of an execution device according to the present invention.
  • the execution device 1000 includes an application acquisition program 1100, an application 1200, a virtual machine 1300, an OS (Operating System) 1400, a first memory 1700, a first CPU (Central Processing Unit) 1900, and a tamper-resistant execution unit 2000.
  • the execution device 1000 has a function specific to each device in addition to a function of executing an application (not shown).
  • the execution device 1000 may be any electronic device equipped with a Java (registered trademark) virtual machine, such as a digital television, a set-top box, a DVD recorder, a BD (Blu-ray Disc) recorder, a car navigation terminal, a mobile phone, or a PDA (Personal Digital Assistant).
  • the function of executing the application of the execution device 1000 is the same as the software execution means mounted on a normal personal computer, digital home appliance, or the like.
  • if the execution device 1000 is a digital television, an application that converts received digital data into an image and displays the image is executed.
  • the application 1200 is an application to be executed by the execution device 1000, and may also be downloaded as an application file from outside the device.
  • the application acquisition program 1100 is described in the Java (registered trademark) language, and has a function of reading an application 1200 from an external file, and executing and controlling processes necessary for executing the application.
  • the virtual machine 1300 is a Java (registered trademark) virtual machine that sequentially analyzes and executes a program described in the Java (registered trademark) language.
  • the virtual machine 1300, which is a software program, simulates a virtual CPU and analyzes and executes Java (registered trademark) instruction codes.
  • the virtual machine 1300 includes an interpreter 1310, a class loader 1320, a verifier 1330, a JIT compiler 1340, and an optimizer 1350.
  • the interpreter 1310 has a function of interpreting and executing the bytecode of the application 1200, and performs core processing in the virtual machine. Specifically, if the method called by the program has not been loaded yet, it issues an instruction to load the class to which the method belongs, or instructs the execution of the method.
  • the bytecode is an intermediate code that is obtained by compiling a source written in the Java (registered trademark) language and that does not depend on the hardware.
  • the class loader 1320 has a function of reading and loading a class file constituting the application 1200 from an external file.
  • the class loader 1320 also has a function of unloading a class. This function removes unnecessary classes after execution from the virtual machine 1300.
  • the verifier 1330 has a function of judging defects in the data format of the class and the safety of the bytecode included in the class.
  • the class loader 1320 does not load a class determined to be invalid by the verifier 1330.
  • the JIT compiler 1340 has a function of translating the bytecode into an executable format that can be understood by the first CPU 1900.
  • the optimizer 1350 has a function of finely revising a program so that the program can be executed at a higher speed without changing the specification of the program, and operates with smaller size and memory usage.
  • the OS 1400 is a general term for a technology configured by a kernel and a library that execute other subprograms in parallel, and executes the virtual machine 1300 as a subprogram. For example, there is Linux.
  • the first memory 1700 is a so-called working memory, and is composed of a RAM (Random Access Memory). Specifically, it is a primary storage memory such as an SRAM (Static Random Access Memory) or a DRAM (Dynamic Random Access Memory).
  • This first memory is used by the first CPU 1900; the OS and the virtual machine are also loaded into this first memory and executed from it.
  • the first CPU 1900 has a function of executing a virtual machine 1300, an OS 1400, an application 1200, and the like.
  • the execution device 1000 further has means (not shown) for storing a program of the virtual machine 1300 and the like.
  • the program of the virtual machine 1300 is stored in a ROM (Read Only Memory), specifically a nonvolatile memory such as a flash memory or a hard disk. A recording medium such as a BD-ROM may also be used.
  • the tamper-resistant execution unit 2000 includes an encryption unit 2100, a decryption unit 2200, an encryption method information storage unit 2300, an encryption key information storage unit 2400, a second memory 2700, and a second CPU 2900.
  • the tamper-resistant execution unit 2000 is a program execution means that can execute a program safely while defending an attack from a malicious third party.
  • the encryption unit 2100 has a function of receiving an address on the first memory 1700 from the virtual machine 1300 and encrypting the data. It also has a function of determining what encryption method to use for encryption.
  • the decryption unit 2200 has a function of receiving an address on the first memory 1700 from the virtual machine 1300 and decrypting the data.
  • the encryption method information storage unit 2300 stores the encryption method used in the execution device. Specifically, it is a combination of a plurality of encryption algorithms and keys, and in the present embodiment, six types of combinations are stored. This will be described later with reference to FIG.
  • the encryption key information storage unit 2400 stores the address of the data on the first memory and the encryption method used to encrypt the data.
  • the encryption method is one of the encryption methods stored in the encryption method information storage unit 2300. This will be described later with reference to FIG.
  • the second memory 2700 is a so-called working memory similar to the first memory 1700, and is composed of a RAM (Random Access Memory). This second memory is used by the second CPU.
  • the second CPU 2900 has a function of executing processes of the encryption unit 2100, the decryption unit 2200, and the like.
  • the communication between the tamper-resistant execution unit 2000 and the external virtual machine 1300 or the like is protected so as not to be eavesdropped.
  • the second memory in the tamper-resistant execution unit 2000 and each storage unit cannot be accessed from outside the tamper-resistant execution unit 2000.
  • the tamper-resistant execution unit 2000 can access the first memory and the storage unit outside the tamper-resistant execution unit 2000.
  • the first CPU 1900 and the second CPU 2900 can operate independently.
  • the case where the first CPU 1900 and the second CPU 2900 operate independently of each other means, for example, a case where the execution device 1000 includes a plurality of CPUs and one of them is used as the second CPU 2900.
  • Each function of the execution device 1000 is realized by the CPU executing a program stored in a memory or a hard disk of the execution device 1000.
  • FIG. 2 is a diagram showing a configuration example of a class file.
  • the application 1200 is composed of a plurality of class files, and the virtual machine 1300 interprets and executes the class files.
  • the class file 1210 is composed of a plurality of elements, but in this embodiment only magic_number 1211, minor_version 1212, major_version 1213, fields_count 1214, fields[fields_count] 1215, methods_count 1216, methods[methods_count] 1217 and attributes[attributes_count] 1218 are described, and detailed descriptions of the other elements are omitted.
  • magic_number 1211 indicates that the file is a Java (registered trademark) class file.
  • Java (registered trademark) class files always start with the fixed value "CAFEBABE". Class files whose value is not "CAFEBABE" cannot pass the verification process.
  • minor_version 1212 and major_version 1213 indicate the version of the bytecode compiler that created this class file. The class file is executed by the virtual machine 1300 only if that version is supported. In addition, minor_version 1
  • fields_count 1214 is the number of fields
  • fields [fields-count] 1215 is an array of information about the fields of this class.
  • methods_count 1216 is the number of methods
  • methods [methods-count] 1217 is an array of information about the methods of this class.
  • attributes[attributes_count] 1218 is an array of attribute information possessed by this class. This attribute information can be newly added by the user, and in this embodiment the information on encryption strength is added here.
  • FIG. 3 is a diagram showing a configuration example of a class block.
  • the class block 1701 is data obtained by converting the class file 1210 (see FIG. 2) into the internal format of the virtual machine 1300. Specifically, the class file 1210 has been expanded on the memory by the class loader 1320.
  • the class block 1701 includes a class header 1710 and a method 1800.
  • the class header 1710 is data holding class division information and the like, and is data newly added in the present invention. Details of this class header will be described later with reference to FIGS. 4 and 5.
  • the method 1800 includes a method header 1810 and a code 1850.
  • the method 1800 is obtained by converting the methods[methods_count] 1217 into the internal format of the virtual machine 1300, and there are as many methods 1800 as the value of methods_count 1216.
  • the method header 1810 is data holding information on encryption of a method and the like, and is data newly added in the present invention. Details of this method header will be described later with reference to FIGS. 4 and 5.
  • Code 1850 is a series of instruction codes for executing the function of this method, and is included in most methods. Specifically, it is either bytecode, native code, or optimized native code obtained by performing optimization processing on native code. Information in the class file other than the methods is also divided and converted into the internal format and included in the class block 1701, and similarly information in a method other than its code is converted into the internal format and included in the method 1800.
  • FIG. 4 (a) is a diagram showing a configuration example of a class header
  • FIG. 4 (b) is a diagram showing a configuration example of a method header.
  • the class header 1710 includes encryption strength information 1720 and division information 1730.
  • the encryption strength information 1720 indicates the strength of encryption when this class is encrypted, and can be said to indicate the strength of confidentiality of this class.
  • the division information 1730 is information indicating how this class is divided, and the division part is a unit of encryption.
  • the division can be made such that the processing such as encryption is lightened, for example, by dividing the parts having the same reference timing or the same degree of importance into one divided part.
  • the method of the class is one method and one divided part.
  • the method header 1810 includes encryption strength information 1811, a JIT header 1812, an optimization header 1813, and method information 1814.
  • the encryption strength information 1811 indicates the encryption strength when encrypting this method, and is the same as the encryption strength information 1720 in the class header.
  • when the encryption strength information 1811 of the method is stronger than the encryption strength information 1720 of the class, the encryption strength information 1811 of the method is adopted, and when it is weaker, the encryption strength information 1720 of the class is adopted.
  • the JIT header 1812 holds information indicating whether or not to perform JIT compilation on the code 1850 and further indicates whether or not the code 1850 has been compiled.
  • the optimization header 1813 describes whether or not to optimize the code 1850, and also describes the current optimization level and the target optimization level. In addition, the optimization header 1813 also indicates the type or ratio of the optimization to be performed, such as the execution speed and the code size.
  • the method information 1814 is data obtained by converting information other than the bytecode included in the methods 313 into an internal format of the virtual machine 1300.
  • the information on which the method header 1810 is created is assumed to be set in attribute information possessed by the method, similarly to the class.
  • FIG. 5A is a diagram illustrating an example of the contents of the encryption strength information (1720, 1811), and FIG. 5B is a diagram illustrating a configuration example and an example of the contents of the division information 1730.
  • In the example of FIG. 5A, "1" is designated as the encryption strength information 1720.
  • Based on this value, the encryption unit 2100 determines the encryption method. In this embodiment, a value of "0" indicates that encryption is not required, and any of "1", "2", and "3" can be set; the larger the value, the higher the confidentiality, that is, the stronger the encryption that is required.
  • FIG. 5B shows the division information 1730, which is composed of an item 1731 and an address 1732.
  • Item 1731 is an item of the class file, and address 1732 is an address located in the first memory.
  • FIG. 6 is a diagram illustrating a configuration example and a content example of encryption method information.
  • the encryption method information 2301 is determined in advance and is stored in the encryption method information storage unit 2300.
  • the encryption method information 2301 includes a key ID 2310, an encryption key 2320, a decryption key 2330, and an encryption algorithm 2340.
  • the key ID 2310 indicates a key identification number.
  • the encryption key 2320 is a key used at the time of encryption
  • the decryption key 2330 is a key used at the time of decryption.
  • the encryption algorithm 2340 represents the encryption algorithm.
  • a specific encryption algorithm is assigned in advance to each of "A", "B", and "C", for example DES (Data Encryption Standard) or RSA (Rivest Shamir Adleman).
  • the encryption key 2320 of the encryption method with the key ID 2310 "1" is "fd456"
  • the decryption key 2330 is “4fgaa”
  • the encryption algorithm 2340 is “A”.
  • FIG. 7 is a diagram illustrating a configuration example and a content example of the encryption key information.
  • the encryption key information 2401 is stored in the encryption key information storage unit 2400.
  • the encryption key information 2401 includes an address 1732 and a key ID 2310.
  • the address 1732 is the address of the first memory in which the encrypted data is stored.
  • the address 1732 is an address where the divided part of the class is arranged, and is the same as the address of the division information 1730 (see FIG. 5).
  • the data pointed to by the address 1732 may be encrypted data or may be decrypted data.
  • the key ID 2310 is the same as the key ID 2310 of the encryption method information 2301. Through this key ID 2310, the encryption key information 2401 and the encryption method information 2301 are linked. For example, the data at the address "0x06530012" is encrypted or decrypted by the encryption method with the key ID "4", whose encryption key 2320 is "135fd", whose decryption key 2330 is "21jio", and whose encryption algorithm 2340 is "C" (see FIG. 6).
  • FIG. 8 is a flowchart showing the processing of the execution device 1000.
  • the user turns on the power of the execution device 1000 (step S100).
  • the first CPU 1900, once powered, activates the OS 1400 (step S110), and the activated OS 1400 activates the virtual machine 1300 (step S120).
  • the activated virtual machine 1300 activates the application acquisition program 1100 (Step S130).
  • the activated application acquisition program 1100 reads the application 1200 from outside the execution device 1000, and starts executing the application (step S140).
  • the virtual machine 1300 encrypts or decrypts the native code of the application or the like (Step S170) as appropriate, and executes the application while protecting the application in the virtual machine 1300.
  • at the time of encryption, the address of the data to be encrypted and the encryption strength information (1720, 1811) are passed to the tamper-resistant execution unit 2000, and at the time of decryption, the address of the data to be decrypted is passed.
  • When the execution of the application is completed (step S150: YES), a termination process is performed (step S160, step S180), and the process in the execution device is terminated.
  • The class loading process (step S200), the verify process (step S300), and the method execution process (step S400) will be described below.
  • After describing these processes, the encryption process and the decryption process (step S170) will be described.
  • FIG. 9 is a flowchart showing the class loading process and a diagram showing the contents of the first memory. The diagrams on the left side of the flowchart (9000 to 9003) show the contents of the first memory; only the contents relating to the present invention are shown, in chronological order (the same applies to FIGS. 10 to 15).
  • the class loading process is a process performed by the class loader 1320, and performs a process of converting a class file into an internal format and arranging it in a memory.
  • the data is divided, and each divided part is encrypted and arranged on the memory.
  • the verification process usually performed during the class loading process is omitted for convenience of description, and the verification process will be described with reference to FIG.
  • the class loader 1320 given the class name by the interpreter 1310 and instructed to load finds a class file corresponding to the passed class name and reads it into the first memory (step S).
  • a class header 1710 is created based on the read class file (step S220, first memory 9002).
  • the encryption strength information 1720 is included as a new attribute in the attribute [attributes-count] 1218 of the class.
  • the class is divided to create division information 1730 (step S220).
  • division is performed as shown in FIG.
  • a class block 1701 is created (step S230, first memory 9002). Specifically, each element that makes up the class block is created. For example, a method header 1810 and a code 1850 are created, and methods 1800 are created for the number of methods. At this time, the method header 1810 and the code 1850 are added to the division information 1730 as one division part. In addition, if the address 1732 of the division information 1730 changes, it is rewritten.
  • a process of encrypting the class block is performed (step S240).
  • the encryption is performed by requesting the tamper-resistant execution unit 2000 (step S240: arrow).
  • the processing unit of this encryption is based on the division information 1730 of the class header 1710, and finally the encryption of the class header 1710 is performed.
  • the address of the division information 1730 in the class header indicates each encrypted division. That is, each time encryption or decryption is performed, the corresponding address of the division information 1730 is rewritten (the same applies hereinafter).
  • the interpreter 1310 manages the address of the encrypted class header.
  • step S250 the class header and the class file on the first memory are deleted.
  • Deletion here does not mean, for example, merely deleting the index that manages the recorded data; it means overwriting the recorded data with a specific value, for example "0x00" (the same applies hereinafter).
  • As a result, only the encrypted class, and not the loaded plaintext class, remains in the first memory, and the class is protected.
  • FIG. 10 is a flowchart showing the verifying process and a diagram showing the contents of the first memory. The diagrams on the left side of the flowchart (9010 to 9012) show the contents of the first memory.
  • the verification process is a process performed by the verifier 1330. This verification process is called at appropriate times, such as when loading or linking a class file, and performs the verification process according to the contents at the time of the call.
  • the verifier 1330, having received the target encrypted class file (first memory 9010) from the interpreter 1310, decrypts the encrypted class file (step S310, first memory 9011). In this decryption, only the divided parts necessary for the verification process are decrypted. For example, when confirming whether the magic number is "CAFEBABE", the class header 1710 and the first divided part listed in the division information 1730 are decrypted.
  • the verifying process is performed based on the decrypted class block (step S320). At this time, if another class is required, that class block is decrypted or loaded to perform the verify process.
  • If there is a change in the division information 1730 due to the verification process, the division information 1730 is updated (step S330).
  • the class block is encrypted (step S340). In this case, only the decrypted divided portion of the class block is re-encrypted.
  • the decryption class block is deleted (step S350, first memory 9012).
  • FIG. 11 is a flowchart showing a method execution process and a diagram showing the contents of the first memory. The diagrams on the left side of the flowchart (9020 to 9023) show the contents of the first memory.
  • This method execution process is a process performed by the interpreter 1310.
  • It is assumed that the class to which the method to be executed belongs has already been loaded and exists as an encrypted class block (first memory 9020).
  • JIT compilation processing is often performed at the time of loading a class.
  • Here, JIT compilation is performed before execution of a method.
  • the interpreter 1310 determines whether the corresponding method in the encrypted class block to which the method to be executed belongs
  • the method header 1810 of the method 1800 is decrypted (step S410, first memory 9021). Specifically, the class header 1710 is decrypted, the address of the corresponding method is obtained from the division information 1730 of the class header, and the method header 1810 is decrypted.
  • JIT compilation processing is performed (step S500).
  • when, referring to the optimization header 1813 of the method header 1810, this method is to be optimized (step S430: YES), an optimization process is performed (step S600).
  • the address of the code of the corresponding method is acquired from the division information 1730, the code 1850 is decrypted (step S440, first memory 9022), and the code is executed (step S450). At this time, if another method is to be executed, processing such as decrypting that method is performed.
  • the decrypted code and the decrypted method header are deleted (step S460, first memory 9023).
  • FIG. 12 is a flowchart showing the JIT compilation process together with a diagram showing the contents of the first memory. The drawings on the left side of the flowchart show the contents of the first memory (9030 to 9032).
  • This JIT compilation processing is mainly performed by the JIT compiler 1340.
  • the interpreter 1310 passes the code 1850 to be JIT-compiled to the JIT compiler 1340 and instructs it to compile (first memory 9030).
  • the code here is bytecode.
  • the instructed JIT compiler 1340 decrypts the passed encrypted code (step S510).
  • the JIT compiler 1340 creates native code from the decrypted code (step S520, first memory 9031).
  • the interpreter 1310 encrypts the created native code and adds it to the same method 1800 as the original code 1850 (step S530).
  • the decrypted code and the native code are deleted (step S540, first memory 9032).
  • FIG. 13 is a flowchart showing the optimization process together with a diagram showing the contents of the first memory. The drawings on the left side of the flowchart show the contents of the first memory (9040 to 9043). This optimization processing is performed by the optimizer 1350.
  • the interpreter 1310 passes the code 1850 to be optimized to the optimizer 1350 and instructs the optimizer 1350 to perform the optimization. It is assumed that the class to which the code 1850 belongs has already been loaded and is stored in the first memory as an encrypted class block (first memory 9040). The code here is either intermediate code or native code.
  • the instructed optimizer 1350 decrypts the passed encrypted code (step S610, first memory 9041).
  • the optimizer 1350 creates optimized code from the decrypted code (step S620, first memory 9042).
  • any further code required for this processing is likewise decrypted before it is used.
  • the interpreter 1310 encrypts the created code (step S630) and replaces the original code 1850 with it (step S635).
  • the decrypted code that was the target of optimization and the decrypted optimized code are deleted (step S650, first memory 9043).
  • FIG. 14 is a flowchart illustrating the encryption process together with a diagram illustrating the contents of the first memory and the second memory. The drawings on the left side of the flowchart show the contents of the first memory (9050 to 9053) and the second memory (9060 to 9063).
  • This encryption process is performed by the encryption unit 2100 of the tamper-resistant execution unit 2000.
  • the virtual machine 1300 passes the address of the data to be encrypted and the encryption strength information (1720, 1811) to the encryption unit 2100 and instructs it to encrypt (first memory 9050, second memory 9060).
  • the encryption unit 2100 reads the data at the passed address from the first memory into the second memory (step S710, second memory 9061) and deletes the data in the first memory (step S720, first memory 9051).
  • the encryption unit 2100 determines the encryption method based on the received encryption strength information (see FIGs. 6 and 7) (step S730). For example, if the encryption strength information requires strong encryption, a strong encryption algorithm is selected from the encryption algorithms 2340, and the encryption method is chosen so that the same encryption key 2320 is not used twice in succession.
  • the data is encrypted with the encryption key 2320 using the encryption algorithm 2340 of the determined encryption method (step S750, second memory 9062, first memory 9052).
  • the encrypted data is written to the first memory (step S760, first memory 9053, second memory 9063), and the written address and the key ID 2310 of the key used for encryption are added to the encryption key information 2401 (step S770).
  • since the second memory 2700 is inside the tamper-resistant execution unit 2000, the data in it does not need to be deleted.
  • FIG. 15 is a flowchart showing the decryption process together with a diagram showing the contents of the first memory and the second memory. The drawings on the left side of the flowchart show the contents of the first memory (9070 to 9073) and the second memory (9080 to 9083).
  • This decryption process is performed by the decryption unit 2200 of the tamper-resistant execution unit 2000.
  • the virtual machine 1300 passes the address of the encrypted data to be decrypted to the decryption unit 2200 and instructs it to decrypt (first memory 9070, second memory 9080).
  • the instructed decryption unit 2200 reads the encrypted data at the passed address from the first memory into the second memory (step S810, second memory 9081, first memory 9071) and deletes the encrypted data from the first memory (first memory 9072).
  • the decryption unit 2200 searches the addresses 1732 in the encryption key information 2401 for one equal to the received address. If a matching address is found, the key ID 2310 corresponding to that address 1732 is identified as the ID of the key used for encryption (step S820).
  • the decryption key 2330 and the encryption algorithm 2340 corresponding to the identified key ID 2310 are obtained from the encryption method information 2301 (step S830), and the data is decrypted (step S840, second memory 9082, first memory 9072).
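The encryption and decryption flows above, traced in code as an added illustration (this is not the patent's code, nor the code of any product): steps S710 to S770 and S810 to S840 are reproduced as functions, with the encryption method information 2301 and the encryption key information 2401 modelled as small tables. The table layouts, the key IDs and key bytes, the grouping of keys into a weak and a strong group, and the XOR placeholder that stands in for the unspecified encryption algorithms 2340 are all assumptions of the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added illustration, not the patent's code: the bookkeeping the encryption
 * unit 2100 and decryption unit 2200 perform around the cipher (steps S710 to
 * S770 and S810 to S840). Table layouts, key IDs, key bytes and the placeholder
 * cipher are constructed assumptions; the patent leaves all of them unspecified. */

#define NUM_KEYS    4   /* assumed: IDs 0,1 belong to a weak algorithm, 2,3 to a strong one */
#define MAX_REGIONS 16  /* assumed capacity of the address -> key ID table */
#define KEY_LEN     16

enum strength { STRENGTH_NONE = 0, STRENGTH_WEAK = 1, STRENGTH_STRONG = 2 };

/* Stand-in for encryption method information 2301: key ID -> key material. */
struct key_entry { uint8_t key_id; uint8_t key[KEY_LEN]; };

/* Stand-in for encryption key information 2401: first-memory address -> key ID. */
struct region_entry { uintptr_t addr; size_t len; uint8_t key_id; };

static const struct key_entry method_info[NUM_KEYS] = {
    { 0, "weak-key-0-demo" }, { 1, "weak-key-1-demo" },   /* constructed key bytes */
    { 2, "strong-key-2-dm" }, { 3, "strong-key-3-dm" },
};

static struct region_entry key_info[MAX_REGIONS];
static size_t key_info_len = 0;
static int last_key_id = -1;

/* Step S730: choose the algorithm from the strength information and avoid
 * using the same key 2320 twice in succession. Returns the key ID, or -1 when
 * the strength information says the data is to stay unencrypted. */
static int select_key_id(enum strength s) {
    if (s == STRENGTH_NONE) return -1;
    int first = (s == STRENGTH_STRONG) ? 2 : 0;   /* assumed algorithm/key grouping */
    for (int id = first; id < first + 2; id++) {
        if (id != last_key_id) { last_key_id = id; return id; }
    }
    return -1;  /* not reachable: each group holds two keys */
}

/* PLACEHOLDER cipher: XOR with repeated key bytes. It gives no real secrecy and
 * only stands in for the encryption algorithms 2340; XOR is its own inverse,
 * so the same call encrypts and decrypts. */
static void placeholder_cipher(uint8_t *buf, size_t len, const uint8_t *key) {
    for (size_t i = 0; i < len; i++) buf[i] ^= key[i % KEY_LEN];
}

/* Steps S710 to S770: copy the data into the unit's own memory, wipe the copy in
 * first memory, encrypt, write the ciphertext back, record address -> key ID.
 * Returns the key ID used, -1 if the data was left in plaintext, -2 on error. */
static int encrypt_region(uint8_t *first_mem, size_t len, enum strength s) {
    uint8_t second_mem[256];                     /* stands in for second memory 2700 */
    if (len > sizeof second_mem || key_info_len == MAX_REGIONS) return -2;
    int key_id = select_key_id(s);
    if (key_id < 0) return -1;
    memcpy(second_mem, first_mem, len);          /* S710 */
    memset(first_mem, 0, len);                   /* S720 */
    placeholder_cipher(second_mem, len, method_info[key_id].key);   /* S750 */
    memcpy(first_mem, second_mem, len);          /* S760 */
    key_info[key_info_len].addr = (uintptr_t)first_mem;             /* S770 */
    key_info[key_info_len].len = len;
    key_info[key_info_len].key_id = (uint8_t)key_id;
    key_info_len++;
    return key_id;
}

/* Steps S810 to S840: find the key ID by address (S820), fetch the key (S830)
 * and decrypt into `out`, which stands for second memory (S840). Returns 0, or
 * -1 when the address was never registered: the unit then has no key to use. */
static int decrypt_region(const uint8_t *first_mem, size_t len, uint8_t *out) {
    for (size_t i = 0; i < key_info_len; i++) {
        if (key_info[i].addr == (uintptr_t)first_mem && key_info[i].len == len) {
            memcpy(out, first_mem, len);
            placeholder_cipher(out, len, method_info[key_info[i].key_id].key);
            return 0;
        }
    }
    return -1;
}

/* Exercises the whole cycle on constructed bytes; returns 1 on success, 0 otherwise. */
static int demo_roundtrip(void) {
    uint8_t region_a[8] = { 0x55, 0x48, 0x89, 0xe5, 0x90, 0x90, 0x5d, 0xc3 }; /* constructed */
    uint8_t region_b[8] = { 0x31, 0xc0, 0xc3, 0x00, 0x00, 0x00, 0x00, 0x00 }; /* constructed */
    uint8_t region_c[8] = { 1, 2, 3, 4, 5, 6, 7, 8 };                         /* constructed */
    uint8_t orig[8], plain[8];
    memcpy(orig, region_a, sizeof orig);

    int ka = encrypt_region(region_a, sizeof region_a, STRENGTH_STRONG);
    int kb = encrypt_region(region_b, sizeof region_b, STRENGTH_STRONG);
    if (ka < 2 || kb < 2 || ka == kb) return 0;             /* strong keys, not reused in a row */
    if (memcmp(region_a, orig, sizeof orig) == 0) return 0; /* first memory holds ciphertext */
    if (decrypt_region(region_a, sizeof region_a, plain) != 0) return 0;
    if (memcmp(plain, orig, sizeof orig) != 0) return 0;    /* round trip restores the code */
    if (decrypt_region(region_c, sizeof region_c, plain) != -1) return 0; /* unknown address */
    if (encrypt_region(region_c, sizeof region_c, STRENGTH_NONE) != -1) return 0;
    return region_c[0] == 1;                                /* "no encryption" leaves plaintext */
}

int main(void) {
    int ok = demo_roundtrip();
    printf("encryption bookkeeping round trip: %s\n", ok ? "ok" : "FAILED");
    return ok ? 0 : 1;
}
```

The point the example makes that the text does not spell out: once the first memory holds only ciphertext, the address is the only handle the decryption unit has, so an address that was never registered must be refused rather than decrypted with some default key, and the `last_key_id` check is what enforces the rule that the same key 2320 is not used twice in succession. The placeholder XOR gives no confidentiality; in the device the algorithm would be whichever of the encryption algorithms 2340 the strength information selects.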
  • in the present embodiment, a memory management function provided by the OS 1400 is used instead of the encryption and decryption processing performed by the tamper-resistant execution unit 2000 in the first embodiment. Specifically, this is realized by changing the readable attribute of the first memory 1700 (see FIG. 1), the memory area into which JIT-compiled native code and intermediate code are loaded.
  • the functional block diagram of the present embodiment differs from that of the first embodiment in FIG. 1 in that the tamper-resistant execution unit 2000 is removed and the memory 3700 described in FIG. 16 is used.
  • FIGs. 16(a) and 16(b) show the state of the memory when the readable attribute and the unreadable attribute, respectively, are set for the memory area that stores the JIT-compiled code.
  • in FIG. 16(a), the memory 3700 is divided into a memory 3710 and a memory 3720, and the readable attribute is set on both.
  • in this state, not only the virtual machine 1300 but also attack programs such as a debugger can read the JIT-compiled code.
  • in FIG. 16(b), the memory 3711 has the unreadable attribute set, and in this state neither the virtual machine 1300 nor an attack program such as a debugger can read the JIT-compiled code.
  • the memory area storing the JIT-compiled code is therefore normally set unreadable, and is set readable only while the virtual machine 1300 needs to execute the JIT-compiled code or use intermediate data.
  • in this way the code that can be stolen is limited to the code currently being executed by the first CPU 1900, so that damage such as tampering is minimized.
  • this eliminates the need to perform encryption and decryption, and therefore has the advantage that the JIT-compiled program can be protected without reducing the execution speed.
  • the readable attribute of the memory can be changed as follows.
  • the Linux OS provides the system call mmap(), which sets whether memory is readable, writable, and executable.
  • the function of changing the readable attribute of memory may also be realized by hardware.
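The readable-attribute scheme of this embodiment, as an added example that is not part of the patent and involves no product code: a page holding constructed stand-in bytes for JIT output is made unreadable at rest with `mprotect()`, readable only for the window in which the virtual machine would use it, and unreadable again afterwards. The example uses `mmap()` and `mprotect()` on Linux; the probe that confirms a read really faults, the byte pattern, and the error codes are assumptions of the example.

```c
#define _GNU_SOURCE
#include <setjmp.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Added example, not from the patent: the "readable attribute" of the JIT code
 * area toggled with the Linux mmap()/mprotect() calls. The code bytes and the
 * fault probe are constructed for the demonstration. */

static sigjmp_buf probe_env;

static void probe_handler(int sig) {
    (void)sig;
    siglongjmp(probe_env, 1);   /* back into read_faults() with a nonzero value */
}

/* Attempts one read at p. Returns 1 if the read faulted (page unreadable),
 * 0 if it succeeded. A debugger or attack program reading the region while it
 * is PROT_NONE gets this fault instead of the code. */
static int read_faults(const unsigned char *p) {
    struct sigaction sa, saved_segv, saved_bus;
    volatile int faulted = 1;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = probe_handler;
    sigemptyset(&sa.sa_mask);
    sigaction(SIGSEGV, &sa, &saved_segv);
    sigaction(SIGBUS, &sa, &saved_bus);
    if (sigsetjmp(probe_env, 1) == 0) {
        unsigned char c = *(const volatile unsigned char *)p;  /* the probe read */
        (void)c;
        faulted = 0;            /* only reached when the read did not fault */
    }
    sigaction(SIGSEGV, &saved_segv, NULL);
    sigaction(SIGBUS, &saved_bus, NULL);
    return faulted;
}

/* One execute cycle: the region is unreadable at rest, readable only while the
 * virtual machine uses it, then unreadable again. Returns 0 on success, or a
 * small positive code naming the step that failed. */
static int protect_cycle(void) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    static const unsigned char jit_output[] = { 0xde, 0xad, 0xbe, 0xef }; /* constructed stand-in */
    int rc = 0;
    unsigned char *region = mmap(NULL, page, PROT_READ | PROT_WRITE,
                                 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (region == MAP_FAILED) return 1;
    memcpy(region, jit_output, sizeof jit_output);           /* the "JIT" writes its output */

    if (mprotect(region, page, PROT_NONE) != 0) rc = 2;      /* at rest: unreadable */
    else if (!read_faults(region)) rc = 3;                   /* an outside read must fault */
    else if (mprotect(region, page, PROT_READ) != 0) rc = 4; /* VM needs it: readable */
    else if (read_faults(region)) rc = 5;
    else if (memcmp(region, jit_output, sizeof jit_output) != 0) rc = 6; /* contents intact */
    else if (mprotect(region, page, PROT_NONE) != 0) rc = 7; /* done: hide it again */
    else if (!read_faults(region)) rc = 8;

    munmap(region, page);
    return rc;
}

int main(void) {
    int rc = protect_cycle();
    printf("protect cycle: %s (code %d)\n", rc == 0 ? "ok" : "failed", rc);
    return rc;
}
```

An actual JIT would set `PROT_READ | PROT_EXEC` for the execution window rather than `PROT_READ`; the example keeps `PROT_READ` because the point is the readable attribute, and because some hardened systems refuse executable anonymous mappings. The check a practitioner wants here is the one `read_faults()` performs: without it, a missing or failed `mprotect()` silently leaves the code readable, which is exactly the FIG. 16(a) state the embodiment is meant to avoid. Note also that the granularity is the page, so the "code being executed" that remains exposed is at least a whole page, not a single method.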
  • a conventional computer provided with a data protection function mainly includes an encrypted program 201, decryption means 202, a virtual machine 203, and a CPU 204.
  • the decryption means 202 and the virtual machine 203 are written in native code executable by the CPU 204, and the encrypted program 201 is the encrypted form of a program written in an instruction set that the virtual machine 203 can interpret and execute.
  • when an execution image of the software (the so-called internal format expanded in memory) is generated from the source code, an instruction set unique to the virtual machine is generated, the source code is compiled into that instruction set, and the virtual machine 203 and the decryption means 202 are linked.
  • since the unique instruction set used here is not made public, an attacker cannot understand the contents even after seeing the decrypted program 201, and as a result eavesdropping and tampering at the intermediate code level are more likely to be prevented.
  • in contrast, the execution device according to the present invention can protect native code placed in accessible memory from eavesdropping and tampering even when native code, which executes faster than the intermediate code, is created.
  • the execution device according to the present invention has been described based on the embodiments.
  • the execution device can be partially modified, and the present invention is not limited to the above embodiments. That is:
  • in the embodiments the class of the application is divided and code is encrypted in method units, but the code of a method may itself be further divided.
  • in that case, division information corresponding to the division information in the method header and in the class header is held for each division, and encryption and the like are performed on that basis.
  • in the embodiments, encryption is performed unless the encryption strength information 1720 of the class header specifies that encryption is not to be performed.
  • the encryption processing and the decryption processing are optional and may be omitted; for example, encryption and decryption can be omitted by deciding in advance that they are not to be performed.
  • in the embodiments the first CPU 1900 of the execution device 1000 and the second CPU 2900 of the tamper-resistant execution unit 2000 are physically different CPUs, but a single CPU may also behave virtually as two CPUs by switching operation modes. Also, in a CPU with multiple CPU cores in one package, such as a multi-core CPU, a specific core may be operated as the second CPU.
  • in the embodiments the execution device 1000 and the tamper-resistant execution unit 2000 each have their own RAM and ROM.
  • one RAM may instead be virtually treated as two RAMs.
  • one ROM may likewise be virtually treated as two ROMs.
  • the ROM of the tamper-resistant execution unit 2000 may be mounted on the second CPU 2900.
  • in the embodiments the encryption strength information is embedded in an extended attribute of the class file.
  • the encryption strength information may be specified by other methods.
  • for example, the application acquisition program 1100 may acquire an XML file recording the encryption strength information together with the application and pass it to the virtual machine 1300, so that the virtual machine 1300 learns the encryption strength information of each class.
  • in the embodiments the application executed by the execution device 1000 is assumed to be downloaded from outside the device by the application acquisition program 1100.
  • for example, the application may be downloaded from a server on the Internet.
  • the application acquisition program 1100 uses protocols such as TLS (Transport Layer Security) and HTTP for this.
  • TLS is a data transfer method that prevents eavesdropping and falsification of data during communication by means of encryption (see RFC 2246).
  • HTTP is a data transfer method generally used for data communication on the Internet (see RFC 2616).
  • RFC stands for Request For Comments.
  • the application executed by the execution device 1000 may also be a Java (registered trademark) application embedded, as a data broadcast of a digital broadcast, in an MPEG (Moving Picture Coding Experts Group) 2 transport stream.
  • in this case the application acquisition program 1100 is a program for reading the Java (registered trademark) application embedded in the transport stream into the execution device 1000.
  • one method of embedding a Java (registered trademark) program in an MPEG2 transport stream is, for example, the DSMCC method.
  • the DSMCC method encodes a file system composed of directories and files, as used on a computer, into packets of an MPEG2 transport stream (see MPEG standards ISO/IEC 13818-1 and ISO/IEC 13818-6).
  • the application executed by the execution device 1000 may also be recorded on a recording medium such as an SD card (Secure Digital memory card), a CD-ROM (Compact Disk Read Only Memory), a DVD (Digital Versatile Disk), or a Blu-ray Disc.
  • in this case the application acquisition program 1100 is a program for reading the application from these recording media.
  • the application executed by the execution device 1000 may also be a Java (registered trademark) application recorded in a ROM or the like inside the execution device 1000.
  • in this case the application acquisition program 1100 is a program for reading the Java (registered trademark) application from the ROM into the working memory.
  • the application acquisition program 1100 and the like are written in the Java (registered trademark) language in the embodiments, but they may be written in a native language, or realized by hardware having the same functions as the Java (registered trademark) program.
  • the application executed in the virtual machine is not limited to one written in the Java (registered trademark) language, and may be written in another object-oriented language such as C++, or in another language.
  • the tamper-resistant execution unit 2000 of the embodiments can be realized, for example, using TrustZone (registered trademark) technology of ARM.
  • in TrustZone (registered trademark) technology, hardware resources such as RAM and ROM can be virtually allocated to an execution environment called a secure domain.
  • the RAM and ROM assigned to the secure domain can be used only by programs operating in the secure domain, and cannot be used by programs operating in the non-secure domain.
  • a conventional CPU has two modes, a normal mode in which applications operate and a privileged mode in which the OS and the like operate.
  • a program operating in the privileged mode cannot be altered by a program operating in the normal mode.
  • TrustZone (registered trademark) technology additionally offers a special mode called monitor mode.
  • the monitor mode is entered by executing a special instruction provided by the CPU.
  • security information called the S-bit is reported to peripheral hardware such as RAM and ROM.
  • RAM and ROM compatible with TrustZone (registered trademark) technology are configured to permit reading and writing of data in the area allocated to the secure domain only when the S-bit is notified.
  • for an area not assigned to the secure domain, reading and writing of data are permitted regardless of whether the S-bit is notified.
  • the secure execution unit can thus be realized by the secure domain.
  • Intel's LaGrande technology provides functions similar to TrustZone (registered trademark) technology, such as virtually separating the domain in which ordinary applications and the OS operate from the domain in which applications requiring protection operate. A secure execution unit can also be realized using such technology.
  • the tamper-resistant execution unit 2000 is assumed to be built into the execution device 1000, but it may instead be a smart card, an IC card, or the like that is detachable from the execution device 1000.
  • such smart cards and IC cards contain a CPU, memory, and security circuits inside the card.
  • the entire tamper-resistant execution unit 2000 may be realized by hardware.
  • a program for causing a CPU to execute each control process (see FIG. 1 and the like) that realizes each function of the execution device described in the embodiments can be recorded on a recording medium or transmitted through various communication paths or the like, and so distributed and circulated.
  • such a recording medium includes an IC card, an optical disk, a flexible disk, a ROM, a flash memory, and the like.
  • the distributed programs are provided for use by being stored in a memory or the like readable by the CPU of the device, and each function of the execution device described in the embodiments is achieved by the CPU executing the program.
  • as an example of a service that distributes Java (registered trademark) programs, NTT DoCoMo provides a service called i-appli, in which a mobile phone terminal downloads a Java (registered trademark) program from an application distribution server on the Internet and executes it on the terminal.
  • in digital broadcasting based on the DVB-MHP (Digital Video Broadcasting - Multimedia Home Platform) standard, a digital TV receives and executes a Java (registered trademark) program multiplexed on the broadcast wave.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Computer Security & Cryptography (AREA)
  • Theoretical Computer Science (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

An execution device executes an application program comprising a plurality of parts made up of instructions, generates native code for a part in a particular memory area, and encrypts the generated native code to create encrypted code. It then erases the generated native code and stores the created encrypted code in encrypted-code storage means. When executing each part, the execution device decrypts the encrypted code corresponding to that part stored in the encrypted-code storage means, executes the native code, and erases the native code that has been executed.
PCT/JP2005/006307 2004-04-05 2005-03-31 Dispositif d’exécution WO2005098570A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
JP2004110781A JP2007233426A (ja) 2004-04-05 2004-04-05 アプリケーション実行装置
JP2004-110781 2004-04-05

Publications (1)

Publication Number Publication Date
WO2005098570A1 true WO2005098570A1 (fr) 2005-10-20

Family

ID=35125246

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/JP2005/006307 WO2005098570A1 (fr) 2004-04-05 2005-03-31 Dispositif d’exécution

Country Status (2)

Country Link
JP (1) JP2007233426A (fr)
WO (1) WO2005098570A1 (fr)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007133104A (ja) * 2005-11-09 2007-05-31 Sony Corp デジタル放送受信システム及びデジタル放送受信装置
WO2008018310A1 (fr) * 2006-08-09 2008-02-14 Panasonic Corporation Dispositif d'exécution d'application, procédé, et programme
JP2010511227A (ja) * 2006-11-28 2010-04-08 マイクロソフト コーポレーション 信頼性の低いアドレス空間への実行コードのコンパイル
JP2012234362A (ja) * 2011-04-28 2012-11-29 Fujitsu Ltd 情報処理装置、セキュアモジュール、情報処理方法、および情報処理プログラム
JP2015032009A (ja) * 2013-07-31 2015-02-16 富士通セミコンダクター株式会社 プログラム実行方法および復号装置

Families Citing this family (14)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP4727366B2 (ja) * 2005-09-28 2011-07-20 株式会社デジタル 情報処理装置、情報処理システム、プログラムおよび記録媒体
JP2009175880A (ja) * 2008-01-22 2009-08-06 Toshiba Corp 情報処理装置及びプログラム
JP2010217975A (ja) * 2009-03-13 2010-09-30 Nec System Technologies Ltd 情報処理装置、アプリケーションプログラム、及びアプリケーションプログラムの実行方法
US8578175B2 (en) 2011-02-23 2013-11-05 International Business Machines Corporation Secure object having protected region, integrity tree, and unprotected region
US8819446B2 (en) 2009-06-26 2014-08-26 International Business Machines Corporation Support for secure objects in a computer system
US9954875B2 (en) 2009-06-26 2018-04-24 International Business Machines Corporation Protecting from unintentional malware download
US9846789B2 (en) 2011-09-06 2017-12-19 International Business Machines Corporation Protecting application programs from malicious software or malware
US9298894B2 (en) 2009-06-26 2016-03-29 International Business Machines Corporation Cache structure for a computer system providing support for secure objects
US8954752B2 (en) 2011-02-23 2015-02-10 International Business Machines Corporation Building and distributing secure object software
US9864853B2 (en) 2011-02-23 2018-01-09 International Business Machines Corporation Enhanced security mechanism for authentication of users of a system
KR101350390B1 (ko) * 2013-08-14 2014-01-16 숭실대학교산학협력단 코드 난독화 장치 및 그 방법
EP3026559A1 (fr) * 2014-11-28 2016-06-01 Thomson Licensing Procédé et dispositif permettant d'assurer la vérification de l'intégrité d'une application
JP2016126705A (ja) * 2015-01-08 2016-07-11 三菱日立パワーシステムズ株式会社 制御システム、制御方法およびプログラム
KR101832594B1 (ko) * 2016-02-18 2018-02-26 라인 가부시키가이샤 중간 언어 파일의 로딩 속도 개선을 위한 방법 및 시스템

Citations (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JPH09233067A (ja) * 1990-07-31 1997-09-05 Hiroichi Okano 知的情報処理方法および装置
JP2001175466A (ja) * 1999-12-21 2001-06-29 Fuji Xerox Co Ltd 実行プログラムの生成方法及び実行プログラム生成装置、実行プログラムの実行方法、並びに、コンピュータ可読プログラム記憶媒体
JP2002132364A (ja) * 2000-10-19 2002-05-10 Yutaka Iizuka プログラムを内部解析から保護する方法、コンピュータ読み取り可能な記録媒体及びプログラムの配布方法

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
LOW ET AL: "Java Control Flow Obfuscation.", June 1998 (1998-06-01), XP002990868, Retrieved from the Internet <URL:URL:http://www.cs.auckland.ac.nz/research/theses/1998/low_douglas_thesis1998.pdf> *

Cited By (8)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
JP2007133104A (ja) * 2005-11-09 2007-05-31 Sony Corp デジタル放送受信システム及びデジタル放送受信装置
US7869594B2 (en) 2005-11-09 2011-01-11 Sony Corporation Digital broadcasting receiving system and digital broadcasting receiving device
JP4631658B2 (ja) * 2005-11-09 2011-02-16 ソニー株式会社 デジタル放送受信システム及びデジタル放送受信装置
WO2008018310A1 (fr) * 2006-08-09 2008-02-14 Panasonic Corporation Dispositif d'exécution d'application, procédé, et programme
JP2010511227A (ja) * 2006-11-28 2010-04-08 マイクロソフト コーポレーション 信頼性の低いアドレス空間への実行コードのコンパイル
JP2012234362A (ja) * 2011-04-28 2012-11-29 Fujitsu Ltd 情報処理装置、セキュアモジュール、情報処理方法、および情報処理プログラム
US8984272B2 (en) 2011-04-28 2015-03-17 Fujitsu Limited Information processing apparatus, secure module, information processing method, and computer product
JP2015032009A (ja) * 2013-07-31 2015-02-16 富士通セミコンダクター株式会社 プログラム実行方法および復号装置

Also Published As

Publication number Publication date
JP2007233426A (ja) 2007-09-13

Similar Documents

Publication Publication Date Title
WO2005098570A1 (fr) Dispositif d’exécution
US11651113B2 (en) Program execution device
US20070271446A1 (en) Application Execution Device and Application Execution Device Application Execution Method
US20080270806A1 (en) Execution Device
US7874009B2 (en) Data processing device
JPWO2007011001A1 (ja) 実行装置
US20130111605A1 (en) Information processing apparatus and information processing method
JP4850830B2 (ja) コンピュータシステム及びプログラム生成装置
US20070186117A1 (en) Secure processor-based system and method
KR20070001893A (ko) 탬퍼-레지스턴트 트러스티드 가상 머신
WO2005096121A1 (fr) Dispositif d'execution
US20080010686A1 (en) Confidential Information Processing Device
EP2051181A1 (fr) Terminal d'informations, dispositif de sécurité, procédé de protection de données, et programme de protection de données
US9256756B2 (en) Method of encryption and decryption for shared library in open operating system
US8479014B1 (en) Symmetric key based secure microprocessor and its applications
JP2008040853A (ja) アプリケーション実行方法およびアプリケーション実行装置
KR101749209B1 (ko) 애플리케이션의 정보 은닉 방법 및 장치, 및 애플리케이션 실행 방법 및 장치
JP4930982B2 (ja) ダウンロードシステム
JP2008011219A (ja) 電子透かし埋込システム、装置及びプログラム
CN116108468A (zh) 一种war、jar程序包加解密方法、系统及介质

Legal Events

Date Code Title Description
AK Designated states

Kind code of ref document: A1

Designated state(s): AE AG AL AM AT AU AZ BA BB BG BR BW BY BZ CA CH CN CO CR CU CZ DE DK DM DZ EC EE EG ES FI GB GD GE GH GM HR HU ID IL IN IS JP KE KG KP KR KZ LC LK LR LS LT LU LV MA MD MG MK MN MW MX MZ NA NI NO NZ OM PG PH PL PT RO RU SC SD SE SG SK SL SM SY TJ TM TN TR TT TZ UA UG US UZ VC VN YU ZA ZM ZW

AL Designated countries for regional patents

Kind code of ref document: A1

Designated state(s): GM KE LS MW MZ NA SD SL SZ TZ UG ZM ZW AM AZ BY KG KZ MD RU TJ TM AT BE BG CH CY CZ DE DK EE ES FI FR GB GR HU IE IS IT LT LU MC NL PL PT RO SE SI SK TR BF BJ CF CG CI CM GA GN GQ GW ML MR NE SN TD TG

121 Ep: the epo has been informed by wipo that ep was designated in this application
NENP Non-entry into the national phase

Ref country code: DE

WWW Wipo information: withdrawn in national office

Country of ref document: DE

122 Ep: pct application non-entry in european phase
NENP Non-entry into the national phase

Ref country code: JP