WO2008101340A1 - Système et procédé de verrouillage afin de protéger les comportements médiés par logiciel de dispositifs et de programmes - Google Patents

Système et procédé de verrouillage afin de protéger les comportements médiés par logiciel de dispositifs et de programmes Download PDF

Info

Publication number
WO2008101340A1
WO2008101340A1 PCT/CA2008/000331 CA2008000331W WO2008101340A1 WO 2008101340 A1 WO2008101340 A1 WO 2008101340A1 CA 2008000331 W CA2008000331 W CA 2008000331W WO 2008101340 A1 WO2008101340 A1 WO 2008101340A1
Authority
WO
WIPO (PCT)
Prior art keywords
expression
constant
boolean
code
bitwise
Prior art date
Application number
PCT/CA2008/000331
Other languages
English (en)
Inventor
Harold Joseph Johnson
Yuan Xiang Gu
Yongxin Zhou
Original Assignee
Cloakware Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority claimed from US11/709,654 external-priority patent/US8752032B2/en
Application filed by Cloakware Corporation filed Critical Cloakware Corporation
Priority to CN2008800060715A priority Critical patent/CN101622627B/zh
Priority to EP08714653.6A priority patent/EP2126775B1/fr
Priority to CA2678951A priority patent/CA2678951C/fr
Publication of WO2008101340A1 publication Critical patent/WO2008101340A1/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F8/00Arrangements for software engineering
    • G06F8/40Transformation of program code
    • G06F8/53Decompilation; Disassembly

Definitions

  • the present invention relates generally to compiler technology. More specifically, the present invention relates to methods and devices for thwarting control flow and code editing based attacks on software.
  • VHDL VHDL
  • programmatic concepts shown in Table A.
  • a VHDL program can be used either to generate a program which can be run and debugged, or a more detailed formal hardware description, or ultimately a hardware circuit whose behavior mirrors that of the program, but typically at enormously faster speeds.
  • the dividing line among software, firmware, and hardware implementations has blurred, and we may regard a circuit as the implementation of a software program written in an appropriate parallel-execution language supporting low-level data types, such as VHDL.
  • a circuit providing behavior is a software entity or component if it was created by processing a source program in some appropriate hardware-description programming language such as VHDL or if such a source program describing the circuit, however the circuit was actually designed, is available or can readily be provided.
  • An SBE is frequently distributed by its provider to a recipient, some of whose goals may be at variance with, or even outright inimical to, the goals of its provider.
  • a recipient may wish to eliminate program logic in the distributed software or hardware-software systems intended to prevent unauthorized use or use without payment, or may wish to prevent a billing function in the software from recording the full extent of use in order to reduce or eliminate the recipients' payments to the provider, or may wish to steal copyrighted information for illicit redistribution, at low cost and with consequently high profit to the thief.
  • the targeted set of specific SBE behaviors is implemented by means of specific, localized software elements, or the interactions of such elements — routines, control structures such as particular loops, and the like — within the software mediating the behavior of the SBE .
  • [7, 8, 17, 18,] is limited to contexts where live ranges of variables are well partitioned and where constraints on addressing are available (as in loops or similar forms of iterative or recursive behavior) — it lacks the wide and general applicability of [2, 3, 4, 5, 6, 9, 16, 19]. It is very well suited, however, for code performing scientific computations on arrays and vectors, or computations involving many computed elements such as graphics calculations.
  • the protection may be moot: if information is to be displayed, it is unclear that it needs to be protected. However, if such computations are performed for digital watermarking, use of [27] to protect intellectual property such as the watermarking algorithm, or the nature of the watermark itself, would be suitable.
  • An improved method for rendering a software program resistant to reverse engineering analysis whereby existing methods are based on substituting, modifying, or encoding computational expressions or statements, whether the computational expressions or statements themselves are to be protected, or the computational expressions or statements are used to render control flow obscure or tamper-resistant, or the computational expressions or statements are used to render data addressing obscure or tamper-resistant, or the computational expressions or statements are used to render accesses to large bodies of data obscure or tamper-resistant, or the computational expressions or statements are used for some combination of the previously-listed purposes (computation protection, control-flow protection, data- addressing-protection, or protection of accesses to large bodies of data), tampering with one basic block's code causes other basic blocks to malfunction when executed.
  • the method most generally comprises the steps of replacing at least one first constant, mathematical expression, Boolean expression, or bitwise-Boolean expression in such a computational expression or statement, whether the computational expression or statement is in source code or binary code form, of the software program, with a second mixed mathematical and bitwise-Boolean expression, the first constant or expression being simpler than the second expression and the second expression being based on the value or the variables found in the first expression, wherein evaluation of the second mixed mathematical and bitwise-Boolean expression produces a value which preserves the value of the first constant or expression, either: with the original value of the first constant or the original value of the result of the first expression, in which case the second mixed mathematical and bitwise-Boolean expression is obtained from the first constant or expression by converting the first constant or expression by mathematical identities; or, in an encoded form, that is, as a new value, which can be converted back to the original the value of the first constant or expression by applying an information-preserving (that is, bijective) decoding function,
  • the second expression resulting from the performance, or a subexpression of the second expression is itself again converted according to those steps one or more times, so that that method is applied more than once to the original constant or expression or its subexpressions.
  • the conversion of the original constant or expression may be performed according to one or more mathematical identities derived by ordinary algebraic manipulation
  • the first expression may be a Boolean inequality comparison expression and the second expression may be preceded by conversion according to the Boolean identity that JC ⁇ y iff ((x ⁇ y) v ((-i(x ⁇ y)) ⁇ (X - >>))) ⁇ 0 wherein x and y are variables, thereby further obfuscating and complicating the resulting code.
  • the first expression may be a Boolean inequality comparison expression and the second expression may be preceded by conversion according to the Boolean identity that x ⁇ y iff ((x ⁇ y) v ((x v y) A (X - y))) ⁇ 0 wherein x and y are variables, thereby further obfuscating and complicating the resulting code.
  • the first constant or expression may be a bitwise-Boolean constant or expression
  • Boolean expressions where the /th truth table is the truth table for bitwise Boolean expression e, and containts two columns, with left column S 1 , and right column P 1 , the left column S 1 of which is a list of 2' conjunctions, each conjunction being the logical and of each of the / variables or a conjunction obtained from the logical and of each of the t variables by complementing (i.e., logical noMng) of some or all of the / variables, such that each possible such conjunction appears exactly once, and the right column P, of which is a list of 2' Boolean (0 for false or 1 for true) values, where the pair in any given row of the table comprises a conjunction (in the left column S 1 ) and its Boolean value when the expression e, is true (in the right column P 1 -), then the k value columns of the k truth tables, P], ...
  • P k are linearly dependent over Z/(2 ⁇ ); that is, there are k nonzero coefficients a ⁇ , ... , ⁇ * chosen from the ring Z/(2") such that the vector Q 1 Pi + a ⁇ P ⁇ + ... + a ⁇ P k is the all-zeroes vector; and,
  • the automated method may provide that the identities are obtained and stored in an initial setup phase and in which the replacement of the first constant or expression by the second expression is performed in a second, subsequent phase by matching the first expression or an expression for the first constant with the identities obtained in the initial phase and performing the replacement by selecting a randomly chosen matching identity, with or without encoding by a bijective function.
  • the initial phase may not be performed whenever the method is applied, but rather may be performed once, or may be performed only infrequently, whereas the second phase of matching and replacement may be performed whenever the method is applied, so that the initial phase, which is computationally intensive, is performed rarely, whereas the second phase, which is less computationally demanding, is performed frequently. Further, the initial phase may be performed once during the construction of a compiler or compiler-like program translation tool, and in which the second phase may be performed by the compiler or compiler-like translation tool acting on software to be protected according to the foregoing methods.
  • the compiler or compiler-like program may be an obfuscating compiler or a compiler which adds tamper-resistance to software or which adds a combination of obfuscation and tamper-resistance to the programs which it processes, and for which the addition of obfuscation and tamper-resistance is augmented by taking as the first constant or expression, a constant or expression installed by the obfuscating or tamper-resistance-adding compiler for the purpose of adding obfuscation or tamper resistance, and strengthening the obfuscation or tamper-resistance by replacing an expression for the first constant or the first expression according to stored identities obtained and stored in the first phase, and applied during the operation of the obfuscating, tamper-resistance- adding compiler in the second phase.
  • the method may provide that the at least one first constant, mathematical expression, Boolean expression in source code is an expression producing a vector-valued result, the constants or variables of which include a vector- valued variable or variables, and in which the value of the second mixed mathematical and bitwise-Boolean expression preserves the value of the at least one first constant, mathematical expression, Boolean expression or bitwise-Boolean expression in source code in encoded form, where the encoding employed in the encoded form is obtained by computing a function of the result of the first constant, mathematical expression, Boolean expression, or bitwise-Boolean expression, the function being a deeply nonlinear function/constructed by a method comprising:
  • TV 7 is computed by computing the leftmost u bits of all of its output vector elements by applying L to the vector P obtained by taking only the leftmost u bits of its input vector elements, and computing the rightmost v bits of all of its output vector elements by applying G S (p) to the vector Q obtained by taking only the rightmost v bits of its input vector elements, so that the output bits supplied by L(P) and those supplied by G S (p ) (Q) are interleaved throughout the output; and (g) testing/ by enumeration of the frequency of occurrence of its 1 -by- 1 projections to determine whether/is deeply nonlinear, and if not, repeating the above construction until a deeply nonlinear function/is obtained. Further, the method may provide that the linear functions L : If — » If and
  • GQ,GU...,GM ' ⁇ V 9 -> V 1 are not merely 1-to-l, but also bijective, so that both/and its inverse are bijective deeply nonlinear encodings.
  • the linear functions L : If — > If and Go 5 G 1 ,...,G Jt-1 : V -> V 9 may not be merely 1-to-l, but also maximum distance separable, so that the input information is distributed evenly over the output, and so that/ and also its inverse/ 1 if/is bijective, are maximum distance separable deeply nonlinear functions.
  • Figure 1 shows initial and final program states connected by a computation
  • Figure 2 shows exactly the same inner structure as Figure 1 in a typical interlocking situation
  • Figure 3 shows a path through some Basic Block sets, providing an alternative view of a computation such as that in Figure 2;
  • Figure 4A shows pseudo-code for a conditional IF statement with ELSE-code (i.e., an IF statement which either executes the THEN-code or executes the ELSE-code);
  • Figure 4B shows pseudo-code for a statement analogous to that in Fig 4A but where the choice among the code alternatives is made by indexed selection;
  • Figure 5A shows pseudo-code for a conditional IF statement with no ELSE-code
  • Figure 5B shows pseudo-code for a statement analogous to that in Fig 5A but where the choice among alternatives which have code and those which have no code is made by indexed selection.
  • the present invention receives the source code of a piece of software and subdivides that source code into various basic blocks of logic. These basic blocks are, based on their contents and on their position in the logic and control flow of the program, amended to increase or create dependence between the various basic blocks.
  • the amendment to the basic blocks has the effect of extending the outputs of some basic blocks while similarly extending the inputs of other corresponding basic blocks.
  • the extended output contains the output of the original as well as extra information introduced or injected by the code amendments.
  • the extended input requires the regular input of the original basic block as well as the extra information of the extended output.
  • an interlock to be a connection among parts of a system, mechanism, or device in which the operation of some part or parts Y of the system is affected by the operation of some other part or parts X , in such a fashion that tampering with the behavior of part or parts X will cause malfunctioning or failure of the part or parts Y with high probability. That is, the connection between parts of a system which are interlocked is aggressively fragile under tampering.
  • the purpose of the instant invention is to provide a general, powerful, targeted facility for inducing such aggressive fragility affecting specific SBE behaviors.
  • the motivation is generally to modify the behavior of the program in some specific way. For example, if an application checks some piece of data, such as a password or a data token, which must be validated before the user may employ the application, an attacker may wish to produce a new version of the program which is similar to the original, but which does not perform such validation, thus obtaining unrestricted and unchecked access to the facilities of the application. Similarly, if an application meters usage for the purpose of billing, an attacker may wish to modify the application so that it performs the same services, but its usage metrics record little or no usage, thereby reducing or eliminating the cost of employing the application.
  • some piece of data such as a password or a data token
  • tampering with the software or data of a program is that it is a goal-directed activity which seeks specific behavioral change. If the attacker simply wished to destroy the application, there would be a number of trivial ways to accomplish that with no need for a sophisticated attack: for example, the application executable file could be deleted, or it could be modified randomly by changing random bits of that file, rendering it effectively unexecutable with high probability.
  • the protections of the instant invention are not directed against attacks with such limited goals, but against more sophisticated attacks aimed at specific behavioral modifications.
  • the instant invention provides methods and systems by means of which, in the software mediating the behavior of an SBE , a part or parts X of the software which is not interlocked with a part or parts Y of the software, may be replaced by a part or parts X' , providing the original functionality of part or parts X , which is interlocked with a part or parts Y' , providing the original functionality of part or parts Y , in such a fashion that the interlocking aspects of X' and Y' are essential, integral, obscure, and contextual.
  • composition of MFs m x ,...,m k xeS x is a member of set S set S is contained in or equal to set T sum of X 1 ,...,X ⁇
  • VHDL very high speed integrated circuit hardware description language
  • Ax B is the Cartesian product of A and B ; i.e., the set of all pairs ⁇ a,b) where a e A (i.e., a is a member of A ) and b e B (i.e., b is a member of B ).
  • a e A i.e., a is a member of A
  • b e B i.e., b is a member of B
  • v is the tuple of length
  • obtained by creating a tuple containing the elements of u in order and then the elements of v in order: e.g., ( ⁇ , b, c, d) ⁇ (x, y, z) (a,b, c, d, x, y, z) .
  • AxB This notation is similar to that used for functions below. Its intent is to indicate that the binary relation is interpreted as a multi-function (MF), the relational abstraction of a computation — not necessarily deterministic — which takes an input from set A and returns an output in set B . In the case of a function, this computation must be deterministic, whereas in the case of an MF, the computation need not be deterministic, and so it is a better mathematical model for much software in which external events may effect the progress of execution within a given process.
  • A is the domain of MF R
  • B is the codomain of MF R .
  • R[X) ⁇ ye B ⁇ 3xeX :-(x,y)eR ⁇ .
  • R ⁇ X ⁇ is the image of X under R .
  • R(a) ⁇ b mean that b e R ⁇ ⁇ a ⁇ ⁇
  • R(a) 1 (read " R(a) is undefined " to mean that there is no b e B :- ⁇ a,b)e R .
  • R:: A ⁇ -> B we define
  • R- ⁇ ⁇ (b,a) ⁇ (a,b) ⁇ R ⁇ .
  • R '1 is the inverse of R .
  • R binary relations
  • S ° R :: A ⁇ -> C by
  • SoR is the composition of S with R .
  • Q, R, S, (S °R)°Q So(RoQ) .
  • [R 1 ,..., R J is the aggregation of R x , ... , R k .
  • R(X ⁇ ,---,x m ) ⁇ (y ⁇ ,—,y n ) iff R ⁇ (x v ...,x m ) ⁇ y ⁇ fori ⁇ ,...,n.
  • R x , ... , R k is the conglomeration of R x , ... , R k .
  • a directed graph is an ordered pair G — (N, A) where set N is the node-set and binary relation AQNXN is the arc-relation or edge-relation. (x,y) ⁇ A is an arc or or edge of G .
  • a node y e N is reachable from a node x e N
  • the reach of a node x in N is the set of nodes which are
  • ⁇ ⁇ y ⁇ (x,y) e A ⁇ ⁇ the number of arcs in A which start at x and end at some other node, is the out-degree of node x
  • I ⁇ x I (x,y) ⁇ A ⁇ ⁇ the number of arcs in A which start at some node and end at y , is the in- degree of node y .
  • the degree of a node n e. N is the sum of « 's in- and out-degrees.
  • a DG G (N, A) is a control-flow graph (CFG) iff it has a distinguished source node n Q e N from which every node n e N is reachable.
  • G (JV, A) be a CFG with source node n 0 .
  • a node x e N dominates a node y e N iff every path beginning with n 0 and ending with y contains x .
  • every node dominates itself.
  • j Y
  • 1 .
  • Z denotes the set of all integers and N denotes the set of all integers greater than zero (the natural numbers).
  • Zl (m) denotes the ring of the integers modulo m , for some integer m > 0 .
  • Z/(m) GF (m)
  • Bitwise Computer Instructions and (B",V, ⁇ ,-,) Bitwise Computer Instructions and (B",V, ⁇ ,-,) .
  • B" the set of all length- n bit- vectors, a computer with n -bit words typically provides bitwise and ( ⁇ ), inclusive or ( v ) and not ( -» ).
  • (B",V, ⁇ ,-I) is a Boolean algebra. In (B,V, ⁇ ,-,) , in which the vector- length is one, 0 is false and 1 is true.
  • a matrix over Z/(2") may have a nonzero determinant and still have no inverse.
  • the matrix is not invertible over Z/(2") for any n e N , even though its determinant is 2.
  • a matrix over Z/(2") is invertible iff its determinant is odd.
  • BA[I] is a special case, because + and ⁇ are identical in this BA algebra ( ⁇ is sometimes called "add without carry", and in BA[I] the vector length is one, so + cannot be affected by carry bits.)
  • a non-constant polynomial is irreducible if it cannot be written as the product of two or more non-constant polynomials. Irreducible polynomials play a role for polynomials similar to that played by primes for the integers.
  • the variable x has no special significance: as regards a particular polynomial, it is just a place-holder. Of course, we may substitute a value for x to evaluate the polynomial — that is, variable x is only significant when we substitute something for it.
  • Z/(p) is not only a modular integer ring, but a modular integer field. It is differentiated from a mere finite ring in that every element has a unique inverse.
  • GF (p n ) there is a field having p" elements, denoted GF (p n ) .
  • the field can be generated by polynomials of degrees 0 to n - 1 , inclusive, over the modular ring Zl(p) , with polynomial computations performed modulo an irreducible polynomial of degree n .
  • AES advanced encryption standard [ 15] is based on computations over GF (2 8 ) .
  • Matrix operations over GF (2" ) are rendered much more convenient due to the fact that functions which are linear over GF (2" ) are also linear over GF (2) ; i.e., they can be computed using bit-matrices.
  • Virtually every modern computer is a 'vector machine' for bit- vectors up to the length of the machine word (typically 32 or 64), which facilitates computations based on such bit-matrices.
  • a partial evaluation (PE) of an MF is the generation of a MF by freezing some of the inputs of some other MF (or the MF so generated). More formally, let /:: Xx Y H> Z be an MF .
  • the partial evaluation (PE) of f for constant c e Y is the derivation of that MF g::I h> Z such that, for any x e X and z e Z , g(x) -» z iff f(x,c) -> z .
  • we may also write g(-) ⁇ f(-,c) we may also refer to the MF g derived by PE of / as a partial evaluation (PE) of / . That is, the term partial evaluation may be used to refer to either the derivation process or its result.
  • / and g above are programs, and x, c are program inputs, and the more specific program g is derived from the more general program / by pre-evaluating computations in / based on the assumption that its rightmost input or inputs will be the constant c .
  • x,c may contain arbitrary amounts of information.
  • S the set of all source code files
  • E the set of object code files.
  • e p(s) would denote an application of the compiler program p to the source code file 5 , yielding the object code file e . (We take p to be a function, and not just a multi-function, because we typically want compilers to be deterministic.)
  • X (the input set which the PE retains) is S (the set of source code files)
  • Y (the input set which the PE removes by choosing a specific member of it) is Dx T (the Cartesian product of the set D of source semantic descriptions and the set T of target platform semantic descriptions)
  • Z (the output set) is E (the set of object code files).
  • PE is used in [7, 8]: the AES -128 cipher [15] and the DES cipher [12] are partially evaluated with respect to the key in order to hide the key from attackers.
  • a more detailed description of the underlying methods and system is given in [17, 18].
  • Optimizing compilers perform PE when they replace general computations with more specific ones by determining where operands will be constant at run-time, and then replacing their operations with constants or with more specific operations which no longer need to input the (effectively constant) operands.
  • OE output extension
  • RPE Reverse Partial Evaluation
  • RPE tends to be specific and deterministic
  • RPE offers an indefinitely large number of alternatives: for a given g , there can be any number of different tuples (f,c, Y) every one of which qualifies as an RPE of g .
  • ⁇ 4 end point is represented by a graph node, and an arc connects the node corresponding to a BB U to the node corresponding to a BB V if, during the execution of the containing program, control either would always, or could possibly, flow from the end of BB U to the start of BB V . This can happen in multiple ways: (1) • Control flow may naturally fall through from BB U to BB V .
  • control flow naturally falls through from U to V : switch ( radix) ⁇ case HEX : U case OCT : V
  • Control flow may be directed from U to V by an intra-procedural control construct such as a while-loop, an if-statement, or a goto-statement.
  • control is directed from A to Z by the break-statement: switch (radix) ⁇ case HEX:
  • Control flow may be directed from U to V by a call or a return.
  • control is directed from B to A by the call to f ( ) in the body of g ( ) , and from A to C by the return from the call to f ( ) :
  • Control flow may be directed from U to V by an exceptional control-flow event.
  • control is potentially directed from U to V by a failure of the dynamic_cast of, say, a reference y to a reference to an object in class A:
  • A& x dynamic_cast ⁇ A&> (y) ;
  • / is a function, but if / makes use of nondeterministic inputs such as the current reading of a high-resolution hardware clock, / is an MF but not a function.
  • some computer hardware includes instructions which may produce nondeterministic results, which, again, may cause / to be an MF, but not a function.
  • N the set of BB s of the program
  • n 0 the BB appearing at the starting point of the program (typically the beginning BB of the routine main() for a C or C++ program)
  • T the start node
  • a CFG C (N, T) may represent a slice of a computation, where a slice is that part of a computation related to a particular subset of inputs and/or variables and/or outputs.
  • the concept of a slice is used in goal-directed analysis of programs, where analysis of the full program may consume excessive resources, but if attention is focussed on only a part of the computation, a deeper analysis of that part is feasible.
  • the single-process non-parallel program C may be embedded in a larger parallel program C so that C occupies more than one process, but with respect to the computations in the elements of N , the computations are effectively sequential, because of messaging constraints or other constraints imposed by C .
  • a BB may also include routines.
  • a routine itself contains a CFG , and is constructed to permit this CFG to be executed by a call which passes into the routine initial parts of its state (arguments), with execution returning immediately after the call.
  • a routine-call as a sort of 'super instruction' which causes the computer to perform a more complex change of the state than the usual computer instruction.
  • the instant invention describes a technique based on the concepts of partial evaluation (PE) of MFs, output extension (OE) of MFs, reverse partial evaluation (RPE) of MFs, and dominating nodes and sets in control-flow graphs.
  • PE partial evaluation
  • OE output extension
  • RPE reverse partial evaluation
  • FIG. 1 An interlocks minimal relational structure is shown in Figure 1.
  • initial and final program states connected by a computation are shown.
  • the upper path from the A state to the B state represents a normal, unencoded or unobfuscated computation
  • the lower path from state A ' to state B' represents an encoded or obfuscated computation from an encoded or obfuscated state A' (an obfuscation of state A) to an encoded or obfuscated state B ' (an obfuscation of state B)
  • ' indicates a modified entity: an input-output encoded, input-encoded, or output-encoded MF or an encoded data state.
  • R' is the transfer MF: it carries interlocking information from state A' to state d'.
  • R was an original computation, transforming a computation state a e A to a state 6 e 5 .
  • R' is the computation after it has been modified according to the instant invention.
  • R' is the modified computation, transforming an extended state a' e A' to an extended state b' e B' .
  • a and b' contain all of the information in a and b , respectively, plus additional information.
  • the additional information can be used to determine whether (1) b' arose from the intended computation R' on a' , or (2) b' instead arose from code which has been modified by an attacker, and/or from modified data replacing a' due to tampering by an attacker.
  • FIG. 1 shows initial and final program states connected by a computation.
  • This diagram applies to an interlock operating in isolation, where no significant data states precede the occurrence of the interlock and no significant data states follow it: i.e., such an interlock is derived by omissions from the interlock structure shown in Fig 2 on: the (interlock-information-)/?>Wacrio « code F' of the interlock, which sets up (interlock- information-)pra ⁇ iMcec?
  • Figure 2 shows exactly the same inner structure as Figure 1 in a typical interlocking situation, where execution along the lower path is interlocked by diverting execution from the A-to-B path at some preceding state P onto the encoded or obfuscated A'-to-B' path, and then returned to normal, unencoded or unobfuscated computation at some unencoded or unobfuscated ending state E which ends the interlock.
  • execution along the lower path is interlocked by diverting execution from the A-to-B path at some preceding state P onto the encoded or obfuscated A'-to-B' path, and then returned to normal, unencoded or unobfuscated computation at some unencoded or unobfuscated ending state E which ends the interlock.
  • execution along the lower path is interlocked by diverting execution from the A-to-B path at some preceding state P onto the encoded or obfuscated A'-to-B' path, and then returned to
  • interlock A and B We have chosen to interlock A and B .
  • prologue state P After the introduction of the interlock, we start in prologue state P , convert it to the produced state A' by production computation F' , where A is related to A' by domain encoding relation d , convert A' to the transferred state B' by transfer computation R' , where B is related to B' by codomain encoding c , and convert B' to the epilogue state E by consumption computation G' .
  • the components of the installed interlock are the production F' , the produced state A' , the transfer R' , the transferred state B' , and the consumption G' .
  • the corresponding components before installation of the interlock are named by adding the prefix "pre" to indicate that the interlock installation modifications have not yet been made: the preproduction F , the preproduced state A , the pretransfer R , the pretransferred state B , and the preconsumption G .
  • the prologue state P and the epilogue state E are present both before and after the interlock is installed.
  • F' is derived from F by output extension (OE).
  • OE output extension
  • V OE P h ⁇ A x J of F ; i.e., we modify F to compute extra information J by output extension.
  • F' is an encoded version of an OE F OE of the original F .
  • R':: A' ⁇ -> B' is derived from R:: A ⁇ B by aggregation.
  • the original computation intervening between A and B namely R.: A h-> B , must be replaced by a computation which takes us from A' to B' .
  • A' (Ax J)' .
  • Preserving Information Functions which lose no information are well known in computer arithmetic and in finite rings and fields. For example, adding a constant c loses no information (the original can be recovered by subtracting c ); exclusive-or with c loses no information (the original can be recovered by a second exclusive-or with c ), multiplication by a nonsingular (i.e., invertible) matrix over a finite field or ring loses no information (the original vector is recovered by multiplying by its inverse), application of a deeply nonlinear bijective function to a vector, where the function is implemented according to the method described in The Solution: Use Wide-Input Deeply Nonlinear Functions loses no information (the original vector is retrieved by applying the inverse of that function derived as described in Inverting the Constructed Deeply Nonlinear Function).
  • G' is derived from G by reverse partial evaluation ( RPE ).
  • RPE reverse partial evaluation
  • G' is an encoded version of an RPE G RPE of the original G .
  • the actual interlocked computation is R' . r ' and states A, B do not exist in the final implementation; they are only used during construction of the interlock production computation F' , which transitions the state from P , not modified by insertion of the interlock, to A' , the state which sets up the interlock dependency, the interlocked computation R' , based on the non-interlocked computation R , where R' is the computation which carries the interlock dependency from state A' to state B' , and the interlock epilogue computation G' , which transitions the state from B' back to E , the interlock epilogue state, which is not modified by the insertion of the interlock.
  • FIG. 3 shows a path through the BB sets, pre-interlocking.
  • the path would be similar, but instead of X, V, Y , x ⁇ ,x 2 ,x 3 ,...,x i ,...,x m , v ⁇ ,v ⁇ ,v r ,...,v ⁇ , y v y 2 , y 3 ,...,j ; ,...,j n , the BB set and BB labels would be XTX', ⁇ ,...,*,,...
  • Figure 3 shows a path through some Basic Block sets, providing an alternative view of a computation such as that in Figure 2, where control flows through an initial setup X (shown as the state P to the state A ' path in Figure 2), through an encoded or obfuscated computation V (shown as the state A' to state B' path in Figure 2), and finally through a computation 7 restoring normalcy (shown as the B' to E path in Figure 2).
  • initial setup X shown as the state P to the state A ' path in Figure 2
  • V shown as the state A' to state B' path in Figure 2
  • a computation 7 restoring normalcy shown as the B' to E path in Figure 2.
  • state information as in the prologue states P 1 ,..., P m , the preproduced states A 1 , ... , A m , the produced states A ⁇ ,...,A m ' , the pretr ⁇ nsferred states B x , ... , B n , the transferred states B[,...,B n ' , and the epilogue states E 1 ,..., E n , includes program counter information; i.e., the current execution position in the program is associated with the state.
  • P — P x u • • ⁇ u P 1n , A A x U - --Kj A 1n ,
  • V corresponds to V , which carry the information of the output extension F' (the pro auction) computed by X' (the production BBs) to the RPE G' (the consumption) computed by Y' (the consumption BBs). That is, the BBs in V perform the computation R in the unmodified program, and, with the interlock installed, the BBs in V 's replacement set V (the transfer BBs) perform the computation R' (the transfer).
  • BBs X perform computation F
  • BB s Y perform computation G
  • BB s X' perform computation F'
  • BB s Y' perform computation G
  • BB s V perform computation R
  • BB s V perform computation R' .
  • BB computes a modified function g j ' ⁇ c,e) .
  • e be essential in the evaluation of g' . That is, we require that, for with high probability, any change to the value e will cause g ⁇ ' to compute a different result. If this is not the case, then tampering which modifies the value of extra information e produced by output extension into different information e may well leave the result produced by g ⁇ untouched.
  • Software can be rendered obscure by a variety of techniques affecting various aspects of the code: see, for example, [2, 3, 4, 5, 7, 9, 17, 18, 19, 20, 27]. Use of some of these techniques can also be used to make computation of the extra output of an output extension integral to the original computation: see, for example, [2, 3, 4, 5, 19].
  • a purple duck in a flock of white ducks.
  • Three exemplary ways to make a purple duck resemble the white ducks making up the remainder of its flock are: (1) color the purple duck white; (2) color the white ducks purple; or (3) color all of the ducks green.
  • interlocks are targeted at tying together very specific parts of the code, without a need for modifying large portions of a containing program, it is essential that use of the identities must generate code which is difficult to analyze.
  • MBA expressions which combine two very different algebraic structures, are ideal in this regard, because they are
  • the truth table has 2' distinct entries in its Conjunction column, 2' distinct entries in its Binary column, and 2' corresponding result-bits in its Results column (see Table C for an example).
  • any variable can be represented as an additive equivalent; i.e., any value v can be represented as a sum of values v, H — + v k for some choice of v, , ... , v k . Indeed, if we fix all but v, in the list v, , ... , v k , we can still produce the desired sum v by appropriately choosing the unfixed V 1 of V 1 ,..., v k , where k ⁇ 2 .
  • a constant value may be a static constant (one having a value fixed at the time when the software employing it is compiled) or a dynamic (i.e., relative or temporary) constant (one which is not available when the software using it is compiled, but is not changed after it is first computed in the scope of the computational values it is intended to support, so that it is 'relatively constant', 'temporarily constant' or 'constant over a dynamically occurring temporary interval of time').
  • An example of a dynamic/relative/temporary constant might be a randomly chosen cryptographic session key, which is used for a particular set of communications over a limited period of time.
  • session keys are typical in connection with public key cryptography, because public key cipher systems such as the RSA public key cryptosystem, or an elliptic curve public key cryptosystem, encrypt and decrypt slowly compared to symmetric key ciphers such as AES. Hence RSA is used to establish a session key, and then the session key is used to handle the rest of the information transfer occurring during the session.
  • public key cipher systems such as the RSA public key cryptosystem, or an elliptic curve public key cryptosystem
  • nx m vector functions / and constant extraction functions g can be found by using the identities disclosed in [2, 4, 5, 20], or disclosed or quoted in ⁇ 2.5.3 or disclosed in ⁇ 2.5.4, or identities found using the methods of ⁇ 2.5.1 or ⁇ 2.5.2, or identities found by applying the inverses provided by the mappings in [20] or their extension by means of the additional nonlinear mappings in ⁇ 2.7.7, or by any combination of the above, as would be evident to persons versed in the art of algebraic manipulation. Only straightforward derivations, readily performed by beginning college-level students of modular integer rings, and therefore readily automatable as manipulations performed by computer programs, need be considered — this provides a huge variety of choices, more than sufficient to provide adequate obfuscation.
  • the matrix method given above could employ a matrix over the infinite ring of the integers, and nevertheless return a value interpreted as a bit-string representing a polynomial over GF (2) , with the bits of the constant representing the coefficients of the polynomial.
  • Constant values of any size can be accommodated by generating the constants in segments, where each segment has a size convenient for the target platform of the software to be protected. For example, a matrix constant can be generated by using the above method separately, once per matrix element.
  • US Patent 6,594,761 [2] contemplates data encodings of many different kinds including one-dimensional (one scalar variable at a time) and multi-dimensional (more than one variable at a time) linear and polynomial encodings over the integer ring or approximated over the floating point numbers, residue encodings based on the modular decomposition of integers according to the Chinese remainder theorem, bit-exploded encodings, and table-lookup encodings.
  • patent application 10/478,678 [5] add to these encodings in which one variable's encoding depends on another's, or in which several variables are encoded so that the representation of each varies with the representation of the others, and the organization of many such encodings into related systems of equations in order to coordinate the encodings of many different pieces of data, thereby inducing aggressive fragility under tampering attacks.
  • the combination of these patents and applications provides a system by means of which we can take much of the computation in a program, and, with respect to Fig. 1, restricting all of to be functions, we replace plain computations over a region of a program with encoded ones such that
  • [2] and [4] can have significant overheads.
  • n is the target computer word size in bits
  • the overhead of [3], or of ]3] extended according to ⁇ 2.7.3, can be substantial, since a lump (see column 16, item 5 in [3]) generally contains at least two pieces (see column 16, item 4 in[3]), and each piece is typically included in more than one lump, in order to achieve the m -to- n mapping (with m > 1 and n > 1 ) of functionality to locations in the code. That is, each individual computation in the code to be protected typically appears two or more times in the modified code in which the protections of [3] have been applied.
  • Every piece is executed emulatively (i.e., to perform useful computation), in contrast to the normal behavior of code protected according to [3], in which some executions of a given occurrence of a piece in a given lump are emulative, while others are merely connective (i.e., carrying entropy around for randomization purposes, but not performing computations of the original program).
  • substitution boxes SBs
  • lookup tables i.e., lookup tables
  • Such tables can be large, and a valuable alternative for such encodings is to employ arbitrary choices among the encodings of [20] with the enhancements thereto disclosed in ⁇ 2.7.7; i.e., instead of strictly random functions, employ permutation polynomials of orders 1 through 4 inclusive. For such functions, only the coefficients are needed rather than the entire tables, which may provide a very great space saving, and polynomials and their inverses according to the above methods are easily composed.
  • any data transformation computed by an input-output-encoded implementation of such a blocked matrix representation which is implemented as a network of substitution boxes, or a similar devices for representing essentially arbitrary random functions, is linear up to I/O encoding; that is, any such transformation can be converted to a linear function by individually recoding each input vector element and individually recoding each output vector element.
  • the attack method in [1] is a particular instance of a class of attacks based on homomorphic mapping.
  • the attack takes advantage of the known properties of linear functions, in this case over GF (2 8 ) since that is the algebraic basis of the computations in the AES.
  • addition in GF (2") is performed using bitwise ® (exclusive or), and this function defines a Latin square of precisely known form.
  • the Solution Use Wide-Input Deeply Nonlinear Functions.
  • the solution is to replace such matrix functions with functions which are (1) wide-input; that is, the number of bits comprising a single input is large, so that the set of possible input values is extremely large, and (2) deeply nonlinear, that is, functions which cannot possibly be converted into linear functions by i/o encoding (i.e., by individually recoding individual inputs and individual outputs).
  • Making the inputs wide makes brute force inversion by tabulating the function over all inputs consume infeasibly vast amounts of memory, and deep nonlinearity prevents homomorphic mapping attacks such as that in [I].
  • elements of G are 8-bit bytes and elements of G 11 and G v are 4-bit nybbles (half-bytes).
  • extract[r, ⁇ ](-) and interleave(y) which are readily implementable on virtually any modern computer, as would be evident to those versed in code generation by compiler.
  • extract, s](S) (b r ,b r+ ⁇ ,...,b s ) ; i.e., extract[r,s] returns bits r to s , inclusive.
  • extract[r, s](V) (extracttr,s](5,),extract[r,5](5 2 ),...,extract[r, ⁇ ](5 z )) . i.e., extractor, s] returns a new vector containing bits r to s , inclusive, of each of the old vector elements.
  • each element of interleave ⁇ , PF is the concatenation of the corresponding element of V with the corresponding element of W .
  • V 11 extract[0, K -I](K)
  • V v extract[u, n - 1 ](V)
  • step (4) The function / defined in step (4) above may or may not be deeply nonlinear.
  • the next step, then, is to check for deep nonlinearity. We determine this using the following test.
  • step (5) If the test in step (5) does not show that / is deeply nonlinear (or, for the variant immediately following this list, sufficiently deeply nonlinear), we return to step (1) and try again.
  • step (5) we may increase the number of g functions with randomly selected distinct groups of three inputs and one output, for which we must show that the /' instance count is not obtainable by matrix. The more of these we test, the more we ensure that / is not only deeply nonlinear, but is deeply nonlinear over all parts of its domain. We must balance the cost of such testing against the importance of obtaining a deeply nonlinear function which is guaranteed to be deeply nonlinear over more and more of its domain.
  • a deeply nonlinear function /: G p i-> G q constructed as described above has the following properties: (l) if L and R v ...,R k are 1 -to- 1, then / is 1-to-l ;
  • the Hamming distance between two k -vectors is the number of element positions at which u and v differ; i.e., it is
  • S is a finite field or finite ring and / is a function computed by a q x p matrix (an MDS matrix, since the vector transform it computes is MDS ), say M , then any zxz matrix M' obtained by deleting all but z ofthe rows of M and then deleting all but z of the columns (where z ⁇ 1 ), is nonsingular; i.e., every square sub-matrix of M is nonsingular.
  • MDS functions are important in cryptography: they are used to perform a kind of "ideal mixing'.
  • the AES cipher[15] employs an MDS function as one of the two state-element mixing functions in each of its rounds except the last.
  • This method can be employed when function s (see step (3) of the construction) is constructed from a linear function S 1 and a final function s 2 is employed to map the output of S ) onto ⁇ 0, ... , k - 1 ⁇ , where s 2 is computed as the remainder from dividing the S 1 result by k . (If k is a power of two, we may compute s 2 by taking the log 2 k low-order bits of the S 1 result, which is a convenience, but is not actually required for our current purpose).
  • W 11 extract[0, u -I](W)
  • W v extract[ «, n - 1 ](W)
  • blocked matrix implementations are employed in [17, 18] for the following purposes.
  • They are used for 'pre- and post- whitening'; i.e., for mixing inputs and outputs to move the boundary of encoding outward, thereby rendering attacks on the internals of an implementation according to [17, 18] more ambiguous to the attacker.
  • pre- and post-whitening are simply encodings of the inputs and outputs of a cryptographic implementation, we can directly apply constructions of wide-input deeply nonlinear functions according to the above extension to [17, 18], with matrices blocked and all parts of these implementations encoded according to [17, 18].
  • Such pre- and post-whitenings certainly render far more arduous attacks on initial and final parts of a cryptographic implementation (e.g., initial and final rounds of a cipher) using known plain- or cipher-text attacks on its white box implementation.
  • the cipher (not AES but an AES variant) be implemented so that implementations of encryption and decryption do not occur in proximity to one another, since this would permit homomorphic mapping attacks. If only encryption, or only decryption, is available at a given site, this method provides strong protection against homomorphic mapping attacks.
  • the MixColumns matrix of AES maps 32-bit vectors to 32-bit vectors.
  • Brute force inversion of a function over a space of 2 32 « four billion inputs requires sorting about four billion elements. This is large, but not utterly infeasible in the current state of the art with current equipment. If it were twice as wide, however, such a sort would be infeasible using current methods and equipment, since it would require sorting a list of over 16 billion billion (1.6x10 19 ) entries. 2.7.6. Strengthening J 0/478,678 while Preserving the Value of its Metrics.
  • the compositional inverse of a permutation polynomial of low degree is typically a permutation polynomial of very high degree — usually close to the size of the ring (i.e., close to the number of elements it contains, which for rings of size 2 32 or 2 M is a very high degree indeed).
  • the polynomial inverses in the quadratic (degree 2) or higher analogues of the method of [20] is prohibitively expensive due to the massive exponentiations needed to compute inverses.
  • potency which is the 'badness' of a protected software in terms of perspicuity, estimated by typical software engineering metrics such as cyclomatic complexity
  • resilience which is the difficulty of deobfuscating the transform by means of a deobfuscating program such as Mocha
  • cost which is the amount of added overhead due to applying the transform (in terms of slower execution and/or bulkier code).
  • [9] proposes opaque computational values, and especially opaque predicates (see [9] ⁇ 6.1 column 15, ⁇ 8 column 26) for protecting control flow by making conditional branch (if) conditions obscure.
  • a much better method is to transform predicates using substitutions according to the identities disclosed or quoted herein in ⁇ 2.5.3, or disclosed in ⁇ 2.5.4, or discovered by employing the methods given herein in ⁇ 2.5.1 and ⁇ 2.5.2, which provide virtually unlimited, and hence unsearchably large, sets of usable identities, or preferably a combination of two or more the above, thereby rendering these encodings incapable of analysis using tools such as Mathematica TM , Matlab TM , or Maple TM , due to the simultaneous use of multiple, profoundly different mathematical domains within computations, while incurring substantially less overhead in code bulk and permitting much faster execution.
  • a permutation polynomial is an invertible polynomial, such as the degree- 1 (aff ⁇ ne) polynomials used for encoding in [20] or the degree-2 (quadratic), degree-3 (cubic), and degree-4 (quartic) polynomials added thereto in ⁇ 2.7.7.
  • Such permutation polynomials map elements to locations in a quasi-random, hash-table-Hke manner, and applying pre- and/or post-modifications of the indexing code employing substitutions according to the identities disclosed or quoted herein in ⁇ 2.5.3, or disclosed in ⁇ 2.5.4, or discovered by employing the methods given herein in ⁇ 2.5.1 and ⁇ 2.5.2, which provided access to an effectively unlimited, and hence unsearchably large, set of identities, or some combination of two or more of the above, will render such indexing computations incapable of analysis using tools such as Mathematica TM , Matlab TM , or Maple TM , due to the simultaneous use of multiple, profoundly different mathematical domains within computations, and will thus provide very much stronger obfuscation than that provided by the teachings of [9] ⁇ 7.2.2 without the enhancements disclosed here.
  • US patent 6,088,452 [19] obfuscates software (or hardware expressible programmatically in languages such as VHDL) by introducing cascades which cover all regions to be protected.
  • a cascade according to [19] is a data-flow graph in which every output depends on every input.
  • Each BB of the program has such a cascade.
  • the computations in the cascades are essentially arbitrary; their purpose is to transmit entropy without achieving useful work.
  • the level of protection afforded by [19] can be further improved by post-modifying the intertwined computations and cascades employing substitutions according to the identities disclosed or quoted herein in ⁇ 2.5.3, or disclosed in ⁇ 2.5.4, or discovered by employing the methods given herein in ⁇ 2.5.1 and ⁇ 2.5.2, which provided access to an effectively unlimited, and hence unsearchably large, set of identities, or some combination of two or more of the above, thereby rendering the intertwined computations and cascades incapable of analysis using tools such as Mathematica TM , Matlab TM , or Maple TM , due to the simultaneous use of multiple, profoundly different mathematical domains within computations.
  • tools such as Mathematica TM , Matlab TM , or Maple TM
  • k For each dimension of an array, we choose k to be either a prime number, preferably the smallest prime at least as large as that dimension, or a number of the form 2" , preferably choosing the smallest n for which 2" is at least as large as that dimension.
  • Z/(k) GF (k) , so that we may use essentially ordinary matrix computations over that field: a matrix is invertible precisely if its determinant is nonzero.
  • Z/(2") is a modular ring with a modulus typically having fewer bits that the platform's preferred computational word has, so that (unlike the other contexts in which the instant disclosure employs such rings) the modulus operation must be performed explicitly by a bitwise ⁇ (and) operation which ands the results of computations with a mask containing all zeros except for n low-order 1 -bits. In that case, the linear algebra must be adjusted since a matrix is only invertible if its determinant is odd.
  • the permutation polynomials above should be of low degree (for example, of degrees 1, 2, 3, or 4), but with inverses of high degrees, since there is no need in this use of permutation polynomials for inverting the polynomials. This makes computation of the polynomials inexpensive and computation of their inverses expensive, which is just what we want: it gives us substantial obscurity at low cost. Finding such permutation polynomials is easy: most permutation polynomials of low degree have inverses of high degree.
  • RPEs added to the computation of the preconsumption G computed in the preconsumption BB set Y when converting them into the consumption computation G' computed by the consumption BB set Y' must be essential; that is, the RPEs must be so combined with the normal computation which was present prior to installation of the interlock that the normal functionality can only occur, barring some extremely improbable coincidence, if the inputs expected by the rpe s on the basis of the production F' and the transfer R' have not suffered tampering.
  • any or all of the above methods may be further augmented by employing encodings obtained by further modifying those encodings listed in [2, 4, 5, 17, 18, 20] by employing the identities we disclose or quote in ⁇ 2.5.3, or disclose in ⁇ 2.5.4, or by means of identities created using the methods taught herein in ⁇ 2.5.1 or ⁇ 2.5.2, or identities found in the extension of [20] given in ⁇ 2.7.7.
  • x + may include the values of many variables, since it is a copy of some portion of a state space of the program.
  • Many such information-preserving alternatives would be obvious to those skilled in the art — so many, in fact, that it would be easy to choose them algorithmically on the basis of a random input during interlock installation.
  • BA[32] will be typically be greater than, or less than, v , very much more often: i.e., these relations are not preferred because they are not very restrictive.
  • N.B. Above, we speak of using the original values and their duplicates. (More generally, this may be replaced with the original values and their related values, or the inputs to the computation of the original values and the duplicates or values related to those inputs.) Instead of using the original values and their duplicates, we may also employ values and duplicates which are computed by means of these values; i.e., using these values as inputs, even if these values are computed after execution of the code in Y . That is, we may use the duplicates from X' to create more duplicates in Y' , and then employ those duplicates (or perhaps other forms of related values) in computations so as to induce highly probable failure when tampering occurs. This permits us many more choices of what copies to employ in generating code failing under tampering, thereby increasing the obscurity of the RPE G RPE which we choose when installing the interlock.
  • this alternative requires that we be able to analyze the net effect of computations added to V on the v, , v 2 pairs, in this case, to produce W 1 , W 1 pairs.
  • Such analysis may be very difficult if the data- and control-flow through V are sufficiently complex. Therefore, this method is only applicable where it can be restricted to modifications of a portion of the BBs in the bb set V which is sufficiently simple with respect to control- and data-flow to permit such computations with a specific net effect — the computation of the W 1 , w 2 pairs according to known, value- preserving formulas — to be added reliably.
  • the permissible level of complexity will thus depend on the sophistication of the available compiler data-flow analysis and control-flow analysis facilities.
  • the method is not always applicable, unlike alternatives (1) and (2) above.
  • Our preferred method of achieving this is to apply the same method or methods of injecting tamper-resistance to both the code added to create the interlocks and to the other code in the vicinity of that code, with the intensity of tamper- resistance varied from a high level for the interlock code itself and code in its immediate vicinity, to decreasing intensities for code increasingly remote from the interlock code, until finally we reach the greater bulk of the SBE's code, which may remain unchanged, since it is sufficiently remote from the interlock code so that no special protection is required to protect the installed interlocks.
  • the intensity of the protection can be varied from high to low by transforming a greater or lesser number of computations, a greater or lesser number of values, and by choosing transformations with higher or lower overheads and correspondingly higher or lower security. Analysis of such choices is provided by [5]. Such methods are applicable to all interlock components.
  • Additional tamper-resistance methods applicable to all interlock components can be obtained by combining any or all of [2, 4, 5, 9, 19, 20] or their extensions in ⁇ 2.7 and ⁇ 2.8 above with additional data and computation obfuscations obtained by adding any number of the identities disclosed or quoted in ⁇ 2.5.3, or disclosed in ⁇ 2.5.4, or generated by the methods in ⁇ 2.5.1 or ⁇ 2.5.2 to the identities employed to create the data and computation encodings of [2, 4, 5, 9, 19, 20], or the identities provided in the extension of [20] given in ⁇ 2.7.7.
  • obfuscation of greater or lesser intensity can be obtained by performing larger or smaller numbers of substitutions of expressions in the code to be obfuscated, where the substitutions replace expressions by equivalent expressions according to the identities disclosed or quoted in ⁇ 2.5.3, or disclosed in ⁇ 2.5.5, or generated by the methods in ⁇ 2.5.1 or ⁇ 2.5.2 to the identities employed to create the data and computation encodings of [2, 4, 5, 9, 19, 20], or their extensions in ⁇ 2.7 and ⁇ 2.8.
  • the number of such identities discoverable by such means grows so rapidly with the size of expressions that the supply of identities is virtually unlimited.
  • such obfuscation is applicable to all interlock components. Tamper-resistance is preferred to mere obfuscation, however, since tamper-resistance implies obscurity but also chaotic behavior under fault-injection attacks and other code- modification attacks.
  • This extends from re-interlocking to Y twice to re-interlocking to Y repeatedly any number of times, so that we can interlock X x to Y , and then X 1 to Y' , and then X 3 to Y" , and so on.
  • interlock chaining is useful in any situation where it is useful to tie together by interlocking a chain of BB sets, where tampering at any point will cause subsequent failures throughout the chain, thereby frustrating any intentions which a hacker may have had for attempting to subvert purposes of the original code.
  • X is basically interlocked to Y by identities concerning pairs of values initially computed in an OE of F and then employed in an RPE of G computed by Z in such a fashion that tampering which causes the members of these pairs to differ will cause GW E to fail to preserve the functionality of G ; i.e., it will cause computation of G RPE to fail.
  • BB set X which will be modified to create the production BB set X' , is a dominating set for BB set Y in the containing program.
  • BB set V there is one pretransfer BB set V containing the zero or more BBs on the paths between BBs in X and those in Y , which may or may not need to be modified into the transfer BB set V during the installation of the interlock.
  • BB set V there is nothing forcing us to have only one such preconsumption BB set
  • Condition-Dependent Interlocking There are a number of constructs in typical programming languages in which a conditional value is used to direct the flow of control during computation.
  • any attempt to interfere with the flow from U to V 1 ,..., V k or W by subverting the normal effect of the index condition / will fail.
  • condition c When a conditional binary branch occurs, as in the if-statement of Fig. 4(a), the condition c , typically computed using values provided in U , controls which of V or W is executed. This in turn affects values which are used in Z and thereafter. Thus the effect of the if-statement is ultimately to determine an effect on the state of the variables of the program as seen by Z and its sequel. If we can produce that same conditional effect without making V and W strictly alternative to one another, we can produce the effect of the if- statement without the conditional branch controlled by c .
  • conditional index i typically computed using values provided in U , controls which of F 1 or F 2 or • • • or V k or W is executed. This in turn affects values which are used in Z and thereafter.
  • the effect of the switch-statement is ultimately to determine an effect on the state of the variables of the program as seen by Z and its sequel. If we can produce that same conditional effect without making V x ,..., V k , W strictly alternative to one another, we can produce the effect of the switch-statement without the conditional indexed branch controlled by i .
  • r k+x and combine them using v , ⁇ , or + ; i.e., by computing r x v • • • v r k+x or r x ⁇ • • • • ⁇ r k+x or r x + ⁇ • ⁇ + r k+x , and since there is only one of the r t 's, say r ⁇ , which is retained, the result is to produce the result of the single retained set of computations while eliminating any results from the k suppressed sets of computations.
  • Fig. 5(a) we may also have an i f -statement such as that in Fig. 5(a), which is similar to that in Fig. 4(a) except that the else alternative is empty.
  • Fig 5 A there is illustrated pseudo-code for a conditional if statement with no else-code (i.e. an if statement which either executes the then-code or executes no code).
  • Figure 5B shows pseudo-code for a statement analogous to that in Fig 5A but where the choice among alternatives which have code and those which have no code is made by indexed selection (i.e. by the use of a switch statement with multiple alternatives) rather than by a boolean (true or false) choice as was the case with the i f statement in Figure 5 A.
  • the way we handle this is to convert the controlling conditions for the occupied alternatives into Boolean form, and to find an one-bit or all-bits Boolean representation for the value of the condition. At most one of these conditions can be true for a given execution of the multi-way conditional.
  • interlock to convert the preproduction computation into a production computation which packages a job for the server transfer computation, with the results received, unpackaged, and interpreted by a consumption computation on the same or a different client.
  • the interlock is structured almost in the normal way, but a buffer containing many values is transmitted by the production client to the transfer server, and a buffer containing many values is transmitted by the transfer server to the consumption client.
  • the transfer portion of the interlock is an interlock segment with the relational structure shown in Fig. 1.
  • the production and consumption portions of such a distributed interlock are interlock segments.
  • the image (mass-data-encoded or otherwise) of the transmitted data may be encrypted by the sender and decrypted by the recipient using white box cryptographic methods according to [17, 18], with the improvements taught in ⁇ 2.7.5, which provides a cryptographic level of protection for the transmission of data images among distributed segments.
  • X BB set which is a source of entropy, either because it has access to the program's inputs, from which we can compute a strong — perhaps cryptographically strong — hash, so that every small variation in the input drastically modifies the hash, or because it reads one or more effectively random sources such as the low-order bits of a highspeed hardware real-time clock or a randomness generation device which uses an unstable electronic process to produce 'noise' and convert it to a (genuinely) random bit stream.
  • variable-dependence the dependence of the data in the computations of the consumption BB set on the values of variables in the production BB using the method given in ⁇ 2.10.7 with the modification that the X BB set need not be an entropy source, so that none of the values from them need carry entropy.
  • circuit may be a software entity because it is expressible as a program written in a circuit-description programming language such as VHDL.
  • apreproduction BB set comprising one or more hardware circuits having a high-level description in VHDL or some similar programming language
  • a preconsumption BB set also comprising one or more hardware circuits with a high-level description in VHDL or a VHDL-like language.
  • Installing the interlock will change the preproduction set into the production set by modifying its VHDL or VHDL-like description much as it would be modified in the case of an ordinary programming language, thereby modifying the corresponding circuit created from the VHDL or VHDL-like description.
  • the interlock will change the preconsumption set into the consumption set by modifying its VHDL or VHDL-like description much as it would be modified in the case of an ordinary programming language, thereby modifying the corresponding circuit created from the VHDL or VHDL-like description.
  • we may interlock a circuit or circuits as a preproduction BB set to software or firmware code as a preconsumption BB set, or interlock software of firmware code as a.
  • preproduction BB set to a circuit or circuits as a preconsumption BB set.
  • the pretr ⁇ nsfer software may be, or may include, a circuit or circuits describable in VHDL or a VHDL-like language.
  • a circuit or circuits comprising a preproduction BB set is transformed into an encoded output extension (OE) of its original functionality;
  • a circuit or circuits comprising a pretransfer BB set is transformed into an encoded intervening aggregation (IA) of its original functionality with some bijection transferring extended information from its inputs to its outputs;
  • a circuit or circuits comprising a preconsumption BB set is transformed into an encoded reverse partial evaluation (RPE) of its original functionality.
  • OE encoded output extension
  • IA encoded intervening aggregation
  • RPE reverse partial evaluation
  • checksums are computed using a cryptographically strong hash: a hash function which has the property that, given a value for the checksum, it is very difficult to find an array of integers, or modifications to an array of integers, which will cause the checksum to have that value.
  • a cryptographically strong hash a hash function which has the property that, given a value for the checksum, it is very difficult to find an array of integers, or modifications to an array of integers, which will cause the checksum to have that value.
  • algorithms for computing such checksums are MD5 [13] and SHA-I [14].
  • An attacker can modify the code without triggering a failure due to checksum mismatch if the attacker can modify the code so that checksum mismatch does not trigger failure. That is, rather than trying to solve the potentially difficult problem of how to modify the code while preserving the checksum, the attacker may simply subvert the result of the mismatch by performing a small change, such as 'jamming' the branch taken on a failure condition (i.e., replacing that conditional branch with an unconditional branch) so that the failure branch never occurs irrespective of whether the checksum matches or not.
  • checksum algorithms whether simple ones of low security, or more secure ones such as MD5 [13] and SHA-I [14], are well known and hence recognizable.
  • the preproduction BB set (normally just one BB) computes and checks the checksum; the check of the checksum controls a conditional branch to the checksum-success or checksum- failure destination; the BB sets (normally just one BB each) at the destination of the conditional branch are preconsumption BBs, and the condition is checksum matching or failure to match. Installing such a condition-dependent interlock causes execution to fail if an attacker modifies the checksum checking code (e.g., by jamming the branch).
  • One approach is to divide the program to be protected into regions. Code in the current region (the region into which the program counter points) must be executable, but code in other regions need not be. We can take advantage of this fact to modify the image of the program prior to region-to-region transfers. Just before control transfers from region M to region N , the exit-code for region M modifies the code of M into an unexecutable state (except for the exit-code itself) and modifies the code of N into an executable state. This modification need not be large: a few bytes here and there are quite sufficient, if they are located strategically (e.g., if they form part of the code in the production BB set of an interlock, so that any small change causes failure).
  • the program code has at least one state per region, in which that region is executable and others are not, and hence at least one checksum per state and hence per region. Checksum code executed in a given region uses the checksum appropriate for that region.
  • a refinement is to employ multiple non-executable states and choose among them randomly (e.g., by selecting among them using the low-order bits of a real-time clock or process identifier or the like) or pseudo-randomly (e.g., by employing entropy from the inputs of the program to produce a hash and then employing the low-order bits of that hash to select among them). This increases the difficulty for the attacker in attempting to determine how to defeat such protections.
  • code which performs the code-state change during region transfer is likely to be obvious since it will use special instructions or system calls to achieve the change.
  • the final step is to interlock the computations which perform the state change with those which perform the next checksum check, and to perform interlock chaining among such code-state changes and checks. Then modifications to either the code-state changes or the code-state checks will cause chaotic behavior with high probability, thus frustrating any specific goals the attacker may have for behavioral changes to the code.
  • each data-segment contains some combination of scalar variables, arrays of scalar variables, pointers to other such data-segments, and arrays of pointers to other data-segments, in which the data-segments are linked together so that, regarding each segment as a node, and pointers as defining arcs, the structure is a directed graph, most nodes have an out-degree greater than one, most nodes have an in-degree greater than one, and for most pairs of nodes, there is more than one path from that node to another node.
  • Such a data structure can be implemented in the C or C++ programming languages or their allies as a series of structures (i.e., each is a structure in C or C++ ), containing scalar variables, arrays of scalar variables, pointer variables, and arrays of pointer variables), where the pointers are initialized either at program startup or at some subsequent time prior to their use as noted above for hiding a datum of some size.
  • the structures can be dynamically allocated using the ma 11 oc ( ) function or one of its allies in C or using the new operator in C++ .
  • a path in the repository comprises a sequence of values, where the values signify a series of scalar or pointer accesses. For example, we might assign numbers 1,...,64 to denote the first through 64 th scalar data fields in a struct (or elements, in an array), 65, ... , 128 to denote the first through 64 th pointer fields (or elements, in an array), 129, ...
  • ⁇ 2.6 also discloses a method for ensuring that the constant path is a dynamic constant (see the section above entitled Adding Dynamic Randomness); i.e., it is not predictable, at program startup — or at repository startup if the repository is transient — exactly which path will apply to a particular scalar stored in the repository: its path will vary among program runs, and among instantiations of the repository within a program run if the repository is transitory. Normally the path ends at a scalar or a scalar array.
  • the instant complex data structure method is not much help in concealing pointers, because a pointer must be in unencoded form to be used.
  • any particular encoding is determined by its two coefficients: its scale, which should be odd, and its bias, which is unrestricted.
  • Binding Applications to Shared Libraries When an application is linked together from various object code files, it often will import code for library routines which implement functionality common to many different applications.
  • Interlocking within library code where all components are within the library code itself, is just ordinary interlocking. There are variations, however, when some interlock components are in the library and others are in applications to which library code may be subsequently linked.
  • linking to library code requires behavioral protection via interlocking — e.g., to ensure that the correct library routine is called, rather than having its call omitted or diverted to some other routine, or to ensure that, on exit from the library routine, control is returned to the code following the call at the expected call site, rather than being diverted elsewhere.
  • the difficulty is that library code, in a fixed and often simultaneously sharable piece of code usable by multiple processes on a given platform, such as a dynamically-accessed* shared object (a . so — shared object — file for UnixTM or Linux platforms; a . dll — dynamically linked library — file for Windows TM platforms) cannot be modified in order to install an interlock.
  • a given group of library routines may be mapped into an application's address space at some time by a call to LoadLibrary(%), routines in it may be accessed using GetProcAddress(%), and after the application is finished with the group of routines, the group may be removed from the address space by calling FreeLibrary().
  • Interlocking from Library Code to Caller Code Interlocking from a set X of BBs in the library code to the variable set Y of BBs in the application using the library code is straightforward: we convert the preproduction code into production code computing an integral OE in the usual way, we let the IA be the identity IA — no modifications or transfer code required — and we modify the preconsumption code receiving information from the library into the consumption RPE in the usual way. Encoding is applied to form X' and Y' in the usual way. The only difference is that information about X 's OE and the X' encoding must be saved so that it can be used in preparing the code for Y 's RPE and the Y' encoding for each of the calling application using the library code.
  • Interlocking from Caller Code to Library Code It is the reverse form of interlocking, from a set X of preproduction BBs in the application employing the library code to a set Y of preconsumption BBs in the called library code which presents the problem, since the library code is created in advance without detailed knowledge of the calling application.
  • Embodiments of the invention may be implemented in any conventional computer programming language. For example, preferred embodiments may be implemented in a procedural programming language (e.g. "C") or an object oriented language (e.g. "C++"). Alternative embodiments of the invention maybe implemented as pre-programmed hardware elements, other related components, or as a combination of hardware and software components.
  • C procedural programming language
  • C++ object oriented language
  • Embodiments can be implemented as a computer program product for use with a computer system.
  • Such implementation may include a series of computer instructions fixed either on a tangible medium, such as a computer readable medium ⁇ e.g., a diskette, CD- ROM, ROM, or fixed disk) or transmittable to a computer system, via a modem or other interface device, such as a communications adapter connected to a network over a medium.
  • the medium may be either a tangible medium ⁇ e.g., optical or electrical communications lines) or a medium implemented with wireless techniques ⁇ e.g., microwave, infrared or other transmission techniques).
  • the series of computer instructions embodies all or part of the functionality previously described herein.
  • Such computer instructions can be written in a number of programming languages for use with many computer architectures or operating systems. Furthermore, such instructions may be stored in any memory device, such as semiconductor, magnetic, optical or other memory devices, and may be transmitted using any communications technology, such as optical, infrared, microwave, or other transmission technologies. It is expected that such a computer program product may be distributed as a removable medium with accompanying printed or electronic documentation (e.g., shrink wrapped software), preloaded with a computer system (e.g., on system ROM or fixed disk), or distributed from a server over the network (e.g., the Internet or World Wide Web).
  • some embodiments of the invention may be implemented as a combination of both software (e.g., a computer program product) and hardware. Still other embodiments of the invention may be implemented as entirely hardware, or entirely software (e.g., a computer program product).

Landscapes

  • Engineering & Computer Science (AREA)
  • General Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé pour rendre un logiciel résistant à une ingénierie inverse. Le remplacement d'au moins une première constante (expression mathématique, etc.) dans une expression de calcul par une seconde expression mixte mathématique et booléenne sur les bits, la première constante étant plus simple que la seconde expression et la seconde expression étant basée sur la valeur ou les variables trouvées dans la première constante (ou expression). Une évaluation de la seconde expression mixte mathématique et booléenne sur les bits produit une valeur préservant la valeur de la première constante, soit: avec la valeur originale de la première constante ou la valeur d'origine du résultat de la première expression, auquel cas la seconde expression mixte mathématique et booléenne sur les bits est obtenue à partir de la première constante par conversion de la première constante au moyen d'identités mathématiques; ou sous une forme codée, sous forme d'une nouvelle valeur, qui peut être reconvertie dans la valeur d'origine de la première constante par application d'une fonction de décodage préservant l'information, auquel cas la seconde expression mixte mathématique et booléenne sur les bits est obtenue à partir de la première constante par modification de la première constante par combinaison d'une conversion en fonction des identités mathématiques et d'une transformation en fonction d'une fonction de codage préservant l'information.
PCT/CA2008/000331 2007-02-23 2008-02-21 Système et procédé de verrouillage afin de protéger les comportements médiés par logiciel de dispositifs et de programmes WO2008101340A1 (fr)

Priority Applications (3)

Application Number Priority Date Filing Date Title
CN2008800060715A CN101622627B (zh) 2007-02-23 2008-02-21 保护以软件为媒介的程序和装置性态的联锁系统和方法
EP08714653.6A EP2126775B1 (fr) 2007-02-23 2008-02-21 Système et procédé de verrouillage afin de protéger les comportements médiés par logiciel de dispositifs et de programmes
CA2678951A CA2678951C (fr) 2007-02-23 2008-02-21 Systeme et procede de verrouillage afin de proteger les comportements medies par logiciel de dispositifs et de programmes

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
US11/709,654 2007-02-23
US11/709,654 US8752032B2 (en) 2007-02-23 2007-02-23 System and method of interlocking to protect software-mediated program and device behaviours
US11/980,392 2007-10-31
US11/980,392 US8161463B2 (en) 2007-02-23 2007-10-31 System and method of interlocking to protect software—mediated program and device behaviors

Publications (1)

Publication Number Publication Date
WO2008101340A1 true WO2008101340A1 (fr) 2008-08-28

Family

ID=39709588

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CA2008/000331 WO2008101340A1 (fr) 2007-02-23 2008-02-21 Système et procédé de verrouillage afin de protéger les comportements médiés par logiciel de dispositifs et de programmes

Country Status (1)

Country Link
WO (1) WO2008101340A1 (fr)

Cited By (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2831794A4 (fr) * 2012-03-30 2016-03-09 Irdeto Bv Sécurisation de systèmes accessibles par l'utilisation d'un encodage de fonctions de base
CN111314274A (zh) * 2019-07-30 2020-06-19 厦门雅迅网络股份有限公司 一种车载终端与中心平台双向认证方法及系统

Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6668325B1 (en) * 1997-06-09 2003-12-23 Intertrust Technologies Obfuscation techniques for enhancing software security
US20040139340A1 (en) * 2000-12-08 2004-07-15 Johnson Harold J System and method for protecting computer software from a white box attack
US6779114B1 (en) * 1999-08-19 2004-08-17 Cloakware Corporation Tamper resistant software-control flow encoding
US6842862B2 (en) * 1999-06-09 2005-01-11 Cloakware Corporation Tamper resistant software encoding
US20050166191A1 (en) 2004-01-28 2005-07-28 Cloakware Corporation System and method for obscuring bit-wise and two's complement integer computations in software
US20050210275A1 (en) * 1999-07-29 2005-09-22 Intertrust Technologies Corporation Software self-defense systems and methods

Patent Citations (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6668325B1 (en) * 1997-06-09 2003-12-23 Intertrust Technologies Obfuscation techniques for enhancing software security
US6842862B2 (en) * 1999-06-09 2005-01-11 Cloakware Corporation Tamper resistant software encoding
US20050210275A1 (en) * 1999-07-29 2005-09-22 Intertrust Technologies Corporation Software self-defense systems and methods
US6779114B1 (en) * 1999-08-19 2004-08-17 Cloakware Corporation Tamper resistant software-control flow encoding
US20040139340A1 (en) * 2000-12-08 2004-07-15 Johnson Harold J System and method for protecting computer software from a white box attack
US20050166191A1 (en) 2004-01-28 2005-07-28 Cloakware Corporation System and method for obscuring bit-wise and two's complement integer computations in software

Non-Patent Citations (1)

* Cited by examiner, † Cited by third party
Title
See also references of EP2126775A1 *

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2831794A4 (fr) * 2012-03-30 2016-03-09 Irdeto Bv Sécurisation de systèmes accessibles par l'utilisation d'un encodage de fonctions de base
CN111314274A (zh) * 2019-07-30 2020-06-19 厦门雅迅网络股份有限公司 一种车载终端与中心平台双向认证方法及系统
CN111314274B (zh) * 2019-07-30 2023-02-10 厦门雅迅网络股份有限公司 一种车载终端与中心平台双向认证方法及系统

Similar Documents

Publication Publication Date Title
US9910971B2 (en) System and method of interlocking to protect software-mediated program and device behaviours
US9906360B2 (en) Securing accessible systems using variable dependent coding
Behera et al. Different obfuscation techniques for code protection
EP2656266B1 (fr) Améliorations apportées à la cryptographie à l'aide d'un code polymorphe
US20030221116A1 (en) Security framework for protecting rights in computer software
CA2384360A1 (fr) Codage de logiciel resistant a la fraude
WO2008101340A1 (fr) Système et procédé de verrouillage afin de protéger les comportements médiés par logiciel de dispositifs et de programmes
Plasmans White-box cryptography for digital content protection
Mercadier et al. OBSCURE: Versatile Software Obfuscation from a Lightweight Secure Element
Giraud et al. Faulting original McEliece's implementations is possible

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200880006071.5

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 08714653

Country of ref document: EP

Kind code of ref document: A1

WWE Wipo information: entry into national phase

Ref document number: 2678951

Country of ref document: CA

NENP Non-entry into the national phase

Ref country code: DE

REEP Request for entry into the european phase

Ref document number: 2008714653

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 2008714653

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 5764/DELNP/2009

Country of ref document: IN