WO2011116446A1 - Système et procédé pour la sélection d'un algorithme au hasard afin de dissimuler de manière dynamique le fonctionnement d'un logiciel - Google Patents

Système et procédé pour la sélection d'un algorithme au hasard afin de dissimuler de manière dynamique le fonctionnement d'un logiciel Download PDF

Info

Publication number
WO2011116446A1
WO2011116446A1 PCT/CA2010/000393 CA2010000393W WO2011116446A1 WO 2011116446 A1 WO2011116446 A1 WO 2011116446A1 CA 2010000393 W CA2010000393 W CA 2010000393W WO 2011116446 A1 WO2011116446 A1 WO 2011116446A1
Authority
WO
WIPO (PCT)
Prior art keywords
alternative
computer software
source code
alternative implementations
software source
Prior art date
Application number
PCT/CA2010/000393
Other languages
English (en)
Other versions
WO2011116446A8 (fr
Inventor
Jiayuan Sui
Harold Joseph Johnson
Original Assignee
Irdeto Canada Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Irdeto Canada Corporation filed Critical Irdeto Canada Corporation
Priority to PCT/CA2010/000393 priority Critical patent/WO2011116446A1/fr
Publication of WO2011116446A1 publication Critical patent/WO2011116446A1/fr
Publication of WO2011116446A8 publication Critical patent/WO2011116446A8/fr

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/10Protecting distributed programs or content, e.g. vending or licensing of copyrighted material ; Digital rights management [DRM]
    • G06F21/12Protecting executable software
    • G06F21/14Protecting executable software against software analysis or reverse engineering, e.g. by obfuscation

Definitions

  • the present invention relates generalh' to software that is resistant to unauthorized analysis. More particularly, the present invention relates to systems and methods for the production of software code that randomizes usage of functionally equivalent algorithms such that analysis of the code either during run-time or during an attempt of reverse engineering is made more difficult. BACKGROUND OF THE INVENTION
  • an algorithm in this scenario is a sequence of computational steps that carries out a task or a set of tasks.
  • An algorithm can have various sizes. It can be very large, or it can be as small as a set of a few instructions.
  • An algorithm can contain smaller algorithms, which in turn can contain even smaller algorithms.
  • This hierarchy ma ⁇ ' have an ⁇ ' number of levels.
  • the present invention provides a system and method for the production of software code that randomizes usage of functional! ⁇ ' equivalent algorithms in order to deter an ⁇ ' useful analysis of the code either during run-time or during an attempt of reverse engineering.
  • the present invention provides a method of concealing computer software source code including: identifying at least one sequence of computational steps embodied in a computer software source code of a computer program; establishing a set of alternative implementations of the at least one sequence of computational steps; obtaining one alternative implementation randomly selected from the set of alternative implementations; and replacing the at least one sequence with the one alternative implementation to form an alternative embodiment of the computer software source code; wherein the computer software source code and the alternative embodiment of the computer software source code are diverse instances of functional! ⁇ ' equivalent code.
  • the present invention provides a system for concealing computer software source code, the system including: a set of machine executable code segments operable to produce software code that randomizes usage of functionally equivalent sequences of computational steps contained in the computer software source code, the machine executable code executable to perform the steps of: identifying at least one sequence of computational steps embodied in a computer software source code of a computer program; establishing a set of alternative implementations of the at least one sequence of computational steps; obtaining one alternative implementation randomly selected from the set of alternative implementations; and replacing the at least one sequence with the one alternative implementation to form an alternative embodiment of the computer software source code; wherein the computer software source code and the alternative embodiment of the computer software source code are diverse instances of functionally equivalent code.
  • the present invention provides an apparatus for concealing computer software source code including: means for identifying at least one sequence of computational steps embodied in a computer software source code of a computer program; means for establishing a set of alternative implementations of the at least one sequence of computational steps; means for obtaining one alternative implementation randomly selected from the set of alternative implementations; and means for replacing the at least one sequence with the one alternative implementation to form an alternative embodiment of the computer software source code; wherein the computer software source code and the alternative embodiment of the computer software source code are diverse instances of functionally equivalent code.
  • the present invention provides a computer readable memory medium storing computer software code for concealing computer software source code, the computer software code executable to perform the steps of: identifying at least one sequence of computational steps embodied in a computer software source code of a computer program; establishing a set of alternative implementations of the at least one sequence of computational steps; obtaining one alternative implementation randomly selected from the set of alternative implementations; and replacing the at least one sequence with the one alternative implementation to form an alternative embodiment of the computer software source code; wherein the computer software source code and the alternative embodiment of the computer software source code are diverse instances of functionally equivalent code.
  • FIGURE 1 is illustrates a known computer system in which the present invention may be embodied.
  • FIGURE 2 is a flow chart illustrating one embodiment of random algorithm selection at build time in accordance with the present invention.
  • FIGURE 2A is a flow chart illustrating another embodiment of random algorithm selection at build time in accordance with the present invention.
  • FIGURE 3 is a flow chart illustrating generation of alternative algorithms used by the random algorithm selection in accordance with the present invention.
  • FIGURE 4 is a flow chart illustrating random algorithm selection at run time in accordance with the present invention.
  • FIGURE 5 is a block diagram illustrating the dispatching of alternative algorithms in accordance with the present invention.
  • FIGURE 6 is an illustration of an example of alternative algorithm arrangement in memory in accordance with the present invention.
  • FIGURE 7 is an illustration of an example of multi-level random algorithm selection in accordance with the present invention.
  • FIGURE 8 is a block diagram illustrating an alternative dispatching mechanism for the dispatching of alternative algorithms in accordance with the present invention.
  • the present invention provides a method and system for producing software code that randomizes usage of functionalh' equivalent algorithms contained in the code. This effectively deters an - useful analysis of the code by an attacker either during run-time or during an attempt of reverse engineering.
  • An example of a computer system upon which the invention ma ⁇ ' be performed is presented as a block diagram in FIGURE 1.
  • This computer system 110 includes a display 112, keyboard 114, computer 116 and external devices 118.
  • the computer 116 ma ⁇ ' contain one or more processors or microprocessors, such as a central processing unit (CPU) 120.
  • the CPU 120 performs arithmetic calculations and control functions to execute software stored in an internal memory 122, preferabh' random access memory (RAM) and/or read only memory (ROM), and possibly additional memory 124.
  • the additional memory 124 ma ⁇ ' include, for example, mass memory storage, hard disk drives, floppy disk drives, magnetic tape drives, compact disk drives, program cartridges and cartridge interfaces such as those found in video game devices, removable memory chips such as EPROM or PROM, or similar storage media as known in the art.
  • This additional memory 124 ma ⁇ ' be physically internal to the computer 116, or external as in FIGURE 1
  • the computer system 110 ma ⁇ ' also include other similar means for allowing computer programs or other instructions to be loaded.
  • Such means can include, for example, a communications interface 126 which allows software and data to be transferred between the computer system 110 and external systems.
  • communications interface 126 can include a modem, a network interface such as an Ethernet card, a serial or parallel communications port.
  • Software and data transferred via communications interface 126 are in the form of signals which can be electronic, electromagnetic, and optical or other signals capable of being received by communications interface 126. Multiple interfaces, of course, can be provided on a single computer system 110.
  • I/O interface 128 administers control of the display 112, keyboard 114, external devices 118 and other such components of the computer system 110
  • the invention is implemented in terms of an intermediate compiler program running on a computer system 110.
  • Standard compiler techniques are well known in the art, and will not be reviewed in detail herein.
  • Two standard references which ma ' provide necessary background are "Compilers Principles, Techniques, and Tools” 1988 by Alfred Alio, Ravi Sethi and Jeffrey Ullnian (ISBN 0-201- 1008-6), and “Advanced Compiler Design & Implementation” 1997 by Steven Muchnick (ISBN 1-55860-320-4).
  • a software compiler is divided into three components, described as the front end, the middle, and the back end.
  • the front end is responsible for language dependent analysis, while the back end handles the machine-dependent parts of code generation.
  • a middle component ma ⁇ ' be included to perform optimizations that are independent of language and machine.
  • each compiler family will have only one middle, with a front end for each high-level language and a back end for each machine-level language. All of the components in a compiler family can generally communicate in a common intermediate language so the ⁇ ' are easily interchangeable.
  • This intermediate language is generally in a form which exposes both control- and data-flow so that the ⁇ ' are easily manipulated.
  • Such an intermediate form ma ⁇ - be referred to as flow- exposed form.
  • it is the intermediate code that will be manipulated to make the desired areas of the input software tamper-resistant.
  • SSA Static Single Assignment
  • SSA Static Single Assignment
  • Effective algorithms based on SSA have been developed to address constant propagation, redundant computation detection, dead code elimination, induction variable elimination, and other requirements.
  • the method of the invention could be applied to flow-exposed forms other than SSA, where these provide similar levels of semantic information, as in that provided in Gnu CC.
  • Gnu CC software is currently available at no cost from the Free Software Foundation.
  • the method of the invention could be applied to software in its high level or low level forms, if such forms were augmented with the requisite control-flow and data-flow information. This flexibility will become clear from the description of the encoding techniques described hereinafter.
  • an algorithm is generally a sequence of computational steps that carries out a task or a set of tasks.
  • the definition of algorithm should be understood to also encompass the implementations of algorithms. Therefore, an algorithm can be a set of computer instructions or a piece of high level software programming that carries out a task or a set of tasks on a computing device.
  • the software normally selects one out of a set of N algorithms to use. All of the N algorithms are functionally equivalent, though no two algorithms are the same in terms of their specific implementation. Each algorithm in this set of N algorithms is called an alternative algorithm.
  • Random algorithm selection in accordance with the present invention can be realized for an - segment of the software as long as there is a set of alternative algorithms for this segment of the software to choose from. It should therefore be understood that a segment could be the entire software if there are alternative algorithms (i.e., alternative implementations) of this software. Likewise, the segment could be a simple arithmetic operation if alternative algorithms (i.e., alternative operations) are available.
  • the random algorithm selection can happen in multiple levels.
  • hierarchy exists such that it is not uncommon that an algorithm uses other algorithms in its implementation, and the lower level algorithms in turn use other algorithms.
  • Random algorithm selection in accordance with the present invention can be activated at an ⁇ ' or all levels in this hierarchy.
  • a single algorithm can be diversified into many different instances based on the diversity of its sub-algorithms.
  • the number of diverse instances of the algorithm can be combinatorial! ⁇ ' large.
  • a simplified example of this would be that a given algorithm has three alternative algorithms, uses four sub- algorithms itself, and each of the sub-algorithms has five alternative algorithms.
  • each alternative algorithm can be chosen from the set of alternative algorithms uniformly at random and independent! ⁇ ' from one another.
  • An alternative feature ma ⁇ ' be that the probability distribution is not necessarily uniform. Rather, the probability of an alternative algorithm being chosen can be affected by external activities (i.e., actions applied externally to the software) and/or internal activities (i.e., actions generated within the software execution). For example, a user of the present invention can assign a weight to each alternative algorithm where the weight affects the frequency of each alternative algorithm being chosen. Therefore, based on the weight, certain alternative algorithms ma ⁇ ' be chosen more frequently than others. This configurability enables the user to manage the trade-off between performance and security. Such trade-off is due to certain alternative algorithms being more efficient than others, and the efficiency of an alternative algorithm ma ⁇ ' change from platform to platform.
  • random algorithm selection can be static and/or dynamic.
  • the selection from among alternative algorithms can be performed during the compilation and build cycle and/or is performed during the execution of the application at run-time.
  • the former method produces diverse instances of the software statically.
  • the latter which is dynamic random algorithm selection, enables the software to be different from one run to another.
  • the program contains all the alternative algorithms. It is therefore desirable to make the software resistant to static code analysis. That is to say, an attacker studying the binary of the executable without executing the program should not give the attacker meaningful information regarding the internal working of the software.
  • Man ⁇ - known techniques exist to make software less susceptible to static code analysis and can be utilized in a manner consistent with known programming techniques.
  • One such example includes the branch obfuscation technique of "Tamper Resistant Software Control-flow Encoding" as disclosed in United States Patent No. 6,799, 114 issued to Chow et al. on August 17, 2004.
  • FIGURE 2 illustrates a block flow diagram of the random algorithm selection system and method in accordance with a first embodiment of the present invention. In particular, this diagram shows one such random algorithm selection 100 during build time.
  • a set of algorithms Al, A2, ...AN; where N is an integer greater than 1, in the program, P, are chosen to be registered algorithms as seen by block 1. It should be understood that the registered algorithms together form the given implementation of the software program P.
  • a registered algorithm is an algorithm with which the present invention seeks to achieve diversity. For each of the registered algorithms, there is a corresponding set of alternative algorithms as seen in block 2. Alternative algorithms can be pre- written or generated at build time.
  • Alternative algorithms can be generated through mix-and-match sub alternative algorithms. For example, if a registered algorithm A has a few sub registered algorithms, then the different combinations of the sub alternative algorithms make different alternative algorithms for A. This idea can be further generalized. If some instructions and/or groups of instructions of a registered algorithm can be replaced by functionally equivalent but different instructions and/or groups of instructions, then the alternative algorithms for this registered algorithm can be generated by each time picking a different alternative from all of the valid choices for these instructions and/or groups of instructions.
  • a pattern set 23 and the registered algorithm 20 are inputted into the compiler 21, whereby the compiler's pattern matcher chooses a corresponding pattern for the current operation that is under evaluation.
  • the pattern set 23 can also include multi-node operations ⁇ i.e., for a group of operations there can be a functionalh' equivalent, but different, group of operations.
  • the selection process covers the algorithm graph with a consistent set of patterns from the alternatives found in matching. Selection is a constraint-solving problem which maximizes performance while balancing the security and size constraints.
  • Each run of the compiler on the registered algorithm will generate a different alternative algorithm 22a, 22b, 22c (i.e., alternative algorithms 1, 2, ... M; where M is an integer greater than 1 that ma ' differ from N) because of the different selections of the operation patterns in each run.
  • the random selection engine 7 chooses at random (in block 3) an algorithm from each set of alternative algorithms (from block 2) for each registered algorithm (from block 1).
  • the program (as shown in block 4) has each of its registered algorithms filled with a randomly selected alternative algorithm.
  • This program from 4 is then compiled and linked (at block 5), and the result is the final executable (as at block 6).
  • This process produces diverse instances of the executable which are functionalh' equivalent. In this particular illustration, it should be understood that the given executable is however statically diverse.
  • the random selection engine 7 has a pseudorandom number generator (PRNG) which acts in a known manner in order to generate randomness used in selecting alternative algorithms.
  • PRNG pseudorandom number generator
  • the random selection engine 7 needs to gather entropy in order to seed the PRNG. It can use simple but less secure methods such as calling the "rand" function in a standard C library to gather entropy, or ma ⁇ ' use more involved and much securer methods such as requesting entropy from a trusted hardware random number generator and letting this piece of hardware send the entropy back via secure channels.
  • PRNG pseudorandom number generator
  • FIGURE 2A An alternative build time embodiment of the present invention is shown by way of random selection engine 100a illustrated in FIGURE 2A.
  • the process illustrated here is similar to the operation of the random selection engine 110 of FIGURE 2.
  • the random selection engine 7 and the sets of alternative algorithms 2 combine with program P with branch obfuscation (as earlier discussed by way of example to Chow et al. or an ⁇ - similar technique) to produce the final executable code.
  • This process not only produces diverse instances of the executable with static diversity, but the executable is also produced to be capable of achieving dynamic diversity at run time.
  • FIGURE 2A compiles program P to an intermediate form at block 5.
  • the intermediate form is compiled in an ⁇ ' known manner. For instance, it should be understood that in either FIGURES 2 or 2A, compiling ma ⁇ ' be accomplished by known mechanisms such as, but not limited to, MSC (Microsoft C cross compilers), GCC (GNU Compiler Collection), or an ⁇ - suitable compiler system without straying from the intended scope of the present invention.
  • the intermediate form in block 5 is then subjected to a protection step.
  • bock 8 shows the step performing branch obfuscation, though other protection mechanisms are possible as mentioned above.
  • block 9 there is performed final object code generation whereby the output executable code at block 10 contains an obfuscated form of program P along with the random selection engine and the sets of alternative algorithms.
  • FIGURES 2 and 2A differ from one another in that FIGURE 2 has a conventional compile-link process, whereas the process in FIGURE 2A is extended to provide a stage at which branch obfuscation can be performed on intermediate code.
  • the conventional compile-link process (at block 5) of FIGURE 2 takes in only the program P, and thus the final executable there only represents P.
  • branch protection as shown in FIGURE 2A can be applied to the output from the compile/link step, or it can be applied somewhere within the compile/link step itself.
  • the compile/link step encompasses a transcoder (not shown)
  • branch protection can be applied during such transcoder stage, and then the protected code is outputted from the transcoder stage to a compile mechanism (e.g., GCC or MSC).
  • GCC GCC
  • MSC machine code
  • random algorithm selection at run time in accordance with the present invention is illustrated by a high-level, simplified block flowchart.
  • the random selection engine is invoked at block 31 to choose an algorithm from the corresponding set of alternative algorithms.
  • a dispatcher dispatches at block 32 the chosen alternative algorithm for the registered algorithm which then runs at block 33.
  • the dispatcher is a coding mechanism by which an alternative algorithm is identified and thereby obtained.
  • each dispatcher is able to dispatch any algorithm in the set of alternative algorithms 40a, 40b, 40c that corresponds to the given registered algorithm( Al, A2, ... AN).
  • the dispatcher uses the random selection engine 41 which itself is seeded by a source of entropy 42 as discussed previoush', to randomly select from among the alternative algorithm sets 40a, 40b, 40c. While the alternative algorithm sets 40a, 40b, 40c are shown arranged in sequential order in memory, it should be readily apparent that such arrangement ma ⁇ ' to some extent compromise security due. Accordingh', alternative algorithms for a registered algorithm do not need to be laid out next to each other in sequential order in memory. Indeed, further alternative arrangements are possible without straying from the intended scope of the present invention.
  • alternative algorithms for the same registered algorithm reside apart from each other in memory as illustrated by program 50 as shown in FIGURE 6.
  • random algorithm selection can occur on multiple levels.
  • the dispatcher mechanism can also be implemented in such a way that there is one dispatcher for each level of registered algorithm in the hierarchy.
  • the dispatcher can be implemented in man ⁇ ' ways without straying from the intended scope of the present invention.
  • the dispatcher can contain a table of function pointers (e.g., a call table) whereby each algorithm in the corresponding set of alternative algorithms is a function.
  • a table of function pointers e.g., a call table
  • each algorithm in the corresponding set of alternative algorithms is a function.
  • the dispatcher calls the corresponding function pointer.
  • the dispatcher ma ⁇ ' also be implemented in the instruction level.
  • the dispatcher 70 contains a table 70a of starting addresses of each alternative algorithm (e.g., a jump table).
  • the dispatcher branches to the starting address of the selected algorithm with a corresponding jump to the alternative algorithms 71.
  • a branch instruction returns to the instruction immediately following the registered algorithm.
  • This approach of FIGURE 8 is similar to conditional branches, thus the dispatcher can be implemented using conditional branches. There may be one conditional branching instruction per alternative algorithm.
  • the branch address is the starting address of the alternative algorithm.
  • the branch is taken on ' if the evaluation of the condition is true. Otherwise, the branch is not taken.
  • the random selection engine chooses an alternative algorithm, and sets the condition based on the choice.
  • the conditional branching instructions then evaluate the condition and decide whether or not to branch to the designated addresses.
  • RSA Rivest, Shamir and Adleman
  • Montgomery multiplication is used over and over again at least a few hundred times ⁇ i.e., the RSA private key exponentiation is implemented as a series of Montgomery multiplication executions. It is common practice that all of the Montgomery multiplications are implemented in the same manner. As such, it is not typically difficult for an attacker to identify RSA private key exponentiation from a transcript of an RSA execution.
  • CIOS Coarsely Integrated Operand Scanning
  • SOS Separate Operand Scanning
  • FIPS Finely Integrated Product Scanning
  • dynamic random algorithm selection is employed in accordance with the present invention, then for each Montgomery multiplication, one of these alternative algorithms is selected at random during run time.
  • the RSA private key exponentiation will be a chain of different algorithms.
  • this randomness makes less obvious from a transcript that a service (i.e., RSA private key exponentiation) is used over and over again.
  • dynamic random algorithm selection ma ⁇ ' be applied to the addition operation so that each addition operation in the Montgomery multiplication is dynamically chosen from a set of alternative algorithms at run time. This further diversifies an alternative algorithm of Montgomery multiplication, such as CIOS, into man ⁇ ' different instances.
  • the method steps of the invention ma ⁇ ' be embodied in sets of executable machine code stored in a variety of formats such as object code or source code.
  • Such code has been described genericalh' herein as algorithms, alternative algorithms, programming code, or a computer program for simplification.
  • the executable machine code ma ⁇ ' be integrated with the code of other programs, implemented as subroutines, by external program calls or by other techniques as known in the art.
  • the embodiments of the invention ma ' be executed by a computer processor or similar device programmed in the manner of method steps, or ma ' be executed by an electronic system which is provided with means for executing these steps.
  • an electronic memory means such computer diskettes, CD-ROMs, Random Access Memory (RAM), Read Only Memory (ROM) or similar computer software storage media known in the art, ma ⁇ - be programmed to execute such method steps.
  • electronic signals representing these method steps ma ⁇ ' also be transmitted via a communication network.

Landscapes

  • Engineering & Computer Science (AREA)
  • Software Systems (AREA)
  • Theoretical Computer Science (AREA)
  • Multimedia (AREA)
  • Technology Law (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un procédé et un système permettant de générer un code de logiciel qui introduit le hasard dans l'utilisation des algorithmes fonctionnellement équivalents contenus dans ledit code. Les algorithmes utilisés dans un code de logiciel donné sont remplacés au hasard par d'autres algorithmes correspondants, en conformité avec un moteur de sélection aléatoire. En association avec ce moteur de sélection aléatoire, un mécanisme de répartition identifie et obtient l'algorithme de remplacement souhaité qui va venir remplacer un algorithme enregistré correspondant à n'importe lequel des répartiteurs qui constituent le mécanisme de répartition. Cela empêche vraiment toute analyse utile du code par l'auteur d'une attaque, que ce soit pendant l'exécution ou pendant une tentative d'ingénierie inverse.
PCT/CA2010/000393 2010-03-24 2010-03-24 Système et procédé pour la sélection d'un algorithme au hasard afin de dissimuler de manière dynamique le fonctionnement d'un logiciel WO2011116446A1 (fr)

Priority Applications (1)

Application Number Priority Date Filing Date Title
PCT/CA2010/000393 WO2011116446A1 (fr) 2010-03-24 2010-03-24 Système et procédé pour la sélection d'un algorithme au hasard afin de dissimuler de manière dynamique le fonctionnement d'un logiciel

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
PCT/CA2010/000393 WO2011116446A1 (fr) 2010-03-24 2010-03-24 Système et procédé pour la sélection d'un algorithme au hasard afin de dissimuler de manière dynamique le fonctionnement d'un logiciel

Publications (2)

Publication Number Publication Date
WO2011116446A1 true WO2011116446A1 (fr) 2011-09-29
WO2011116446A8 WO2011116446A8 (fr) 2011-12-22

Family

ID=44672392

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/CA2010/000393 WO2011116446A1 (fr) 2010-03-24 2010-03-24 Système et procédé pour la sélection d'un algorithme au hasard afin de dissimuler de manière dynamique le fonctionnement d'un logiciel

Country Status (1)

Country Link
WO (1) WO2011116446A1 (fr)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150294114A1 (en) * 2012-09-28 2015-10-15 Hewlett-Packard Development Company, L.P. Application randomization
WO2019118145A1 (fr) * 2017-12-14 2019-06-20 Arris Enterprises Llc Procédé et appareil de codage dynamique de données lors de l'exécution
EP3445014A4 (fr) * 2016-09-27 2019-12-04 Shanghai Hongzhen Information Science & Technology Co. Ltd Dispositif et procédé de génération d'équivalents de fonction hétérogènes

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6463538B1 (en) * 1998-12-30 2002-10-08 Rainbow Technologies, Inc. Method of software protection using a random code generator
US6668325B1 (en) * 1997-06-09 2003-12-23 Intertrust Technologies Obfuscation techniques for enhancing software security
US20060136867A1 (en) * 2004-12-17 2006-06-22 Manfred Schneider Code diversification
US7263606B2 (en) * 2003-02-25 2007-08-28 Safenet, Inc. Method and apparatus for software protection via multiple-route execution
US20080127125A1 (en) * 2006-10-27 2008-05-29 Microsoft Corporation Virtualization For Diversified Tamper Resistance

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6668325B1 (en) * 1997-06-09 2003-12-23 Intertrust Technologies Obfuscation techniques for enhancing software security
US6463538B1 (en) * 1998-12-30 2002-10-08 Rainbow Technologies, Inc. Method of software protection using a random code generator
US7263606B2 (en) * 2003-02-25 2007-08-28 Safenet, Inc. Method and apparatus for software protection via multiple-route execution
US20060136867A1 (en) * 2004-12-17 2006-06-22 Manfred Schneider Code diversification
US20080127125A1 (en) * 2006-10-27 2008-05-29 Microsoft Corporation Virtualization For Diversified Tamper Resistance

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20150294114A1 (en) * 2012-09-28 2015-10-15 Hewlett-Packard Development Company, L.P. Application randomization
EP3445014A4 (fr) * 2016-09-27 2019-12-04 Shanghai Hongzhen Information Science & Technology Co. Ltd Dispositif et procédé de génération d'équivalents de fonction hétérogènes
US11201895B2 (en) 2016-09-27 2021-12-14 Shanhai Hongzhen Information Science & Technology Co. Ltd. Apparatus for generating heterogeneous functional equivalent and method thereof
WO2019118145A1 (fr) * 2017-12-14 2019-06-20 Arris Enterprises Llc Procédé et appareil de codage dynamique de données lors de l'exécution
US12007908B2 (en) 2017-12-14 2024-06-11 Arris Enterprises Llc Method and apparatus to dynamically encode data at runtime

Also Published As

Publication number Publication date
WO2011116446A8 (fr) 2011-12-22

Similar Documents

Publication Publication Date Title
US20130007881A1 (en) System and Method for Dynamic, Variably-Timed Operation Paths as a Resistance to Side Channel and Repeated Invocation Attacks
US6779114B1 (en) Tamper resistant software-control flow encoding
US8176473B2 (en) Transformations for software obfuscation and individualization
CN106462677B (zh) 一种保护软件项目的方法和装置
US9639377B2 (en) Method for linking and loading to protect applications
CN103348319B (zh) 用于有效部署整体多样化程序实例以抵抗差分攻击的系统和方法
US11227033B2 (en) Efficient obfuscation of program control flow
EP1190292A1 (fr) Codage de logiciel infalsifiable
JPH11511582A (ja) ソフトウエアおよびハードウエアのエンコード技術
CN101300584A (zh) 防止软件逆向工程、未经授权修改以及运行时数据截取的方法
Van Cleemput et al. Adaptive compiler strategies for mitigating timing side channel attacks
WO2002095546A2 (fr) Analyse et codage de logiciel resistant aux alterations
JP2021515314A (ja) コンパイルデバイス及び方法
Tsai et al. A graph approach to quantitative analysis of control-flow obfuscating transformations
WO2011116446A1 (fr) Système et procédé pour la sélection d'un algorithme au hasard afin de dissimuler de manière dynamique le fonctionnement d'un logiciel
Liem et al. A compiler-based infrastructure for software-protection
US11210135B2 (en) Lightweight dispatcher for program control flow flattening
Schrittwieser et al. Aes-sec: Improving software obfuscation through hardware-assistance
Fukuda et al. To prevent reverse-enginnering tools by shuffling the stack status with hook mechanism
CN105095698A (zh) 基于最近执行的程序代码的程序代码模糊处理
Fukushima et al. An obfuscation scheme using affine transformation and its implementation
Breuer Compiled Obfuscation for Data Structures in Encrypted Computing
Abrath Practical protections for native programs
Fu et al. Software Protection by Hardware and Obfuscation.
CN116226798A (zh) 应用运行方法及解释器

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 10848143

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 10848143

Country of ref document: EP

Kind code of ref document: A1