AES-SEC: Improving Software Obfuscation through Hardware-Assistance

While the resilience of software-only code obfuscation remains unclear and ultimately depends only on available resources and patience of the attacker, hardware-based software protection approaches can provide a much higher level of protection against program analysis. Almost no systematic research has been done on the interplay between hardware and software based protection mechanism. In this paper, we propose modifications to Intel's AES-NI instruction set in order to make it suitable for application in software protection scenarios and demonstrate its integration into a control flow obfuscation scheme. Our novel approach provides strong hardware-software binding and restricts the attack context to pure dynamic analysis - two major limiting factors of reverse engineering - to delay a successful attack against a program.

[1]  Claudia Eckert,et al.  Hades - Hardware Assisted Document Security , 2006 .

[2]  James Newsome,et al.  CARMA: a hardware tamper-resistant isolated execution environment on commodity x86 platforms , 2012, ASIACCS '12.

[3]  Adrian Perrig,et al.  TrustVisor: Efficient TCB Reduction and Attestation , 2010, 2010 IEEE Symposium on Security and Privacy.

[4]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2001, JACM.

[5]  Ugo Piazzalunga,et al.  Security Strength Measurement for Dongle-Protected Software , 2007, IEEE Security & Privacy.

[6]  John Abraham,et al.  Software Protection by Hardware and Obfuscation , 2007, Security and Management.

[7]  Helmut Veith,et al.  An Abstract Interpretation-Based Framework for Control Flow Reconstruction from Binaries , 2008, VMCAI.

[8]  Stefan Katzenbeisser,et al.  Code Obfuscation against Static and Dynamic Reverse Engineering , 2011, Information Hiding.

[9]  Johann Großschädl,et al.  An Instruction Set Extension for Fast and Memory-Efficient AES Implementation , 2005, Communications and Multimedia Security.

[10]  William P. R. Mitchell Protecting Secret Keys in a Compromised Computational System , 1999, Information Hiding.

[11]  William K. Robertson,et al.  TRESOR-HUNT: attacking CPU-bound encryption , 2012, ACSAC '12.

[12]  Christian S. Collberg,et al.  A Taxonomy of Obfuscating Transformations , 1997 .

[13]  Swarup Bhunia,et al.  Embedded Software Security through Key-Based Control Flow Obfuscation , 2011, InfoSecHiComNet.

[14]  Toshiaki Tanaka,et al.  Obfuscation Mechanism in Conjunction with Tamper-Proof Module , 2009, 2009 International Conference on Computational Science and Engineering.

[15]  Hoeteck Wee,et al.  On obfuscating point functions , 2005, STOC '05.

[16]  Vikram S. Adve,et al.  LLVM: a compilation framework for lifelong program analysis & transformation , 2004, International Symposium on Code Generation and Optimization, 2004. CGO 2004..

[17]  Michael K. Reiter,et al.  Flicker: an execution infrastructure for tcb minimization , 2008, Eurosys '08.

[18]  G. Edward Suh,et al.  Physical Unclonable Functions for Device Authentication and Secret Key Generation , 2007, 2007 44th ACM/IEEE Design Automation Conference.

[19]  Johann Großschädl,et al.  Instruction Set Extensions for Efficient AES Implementation on 32-bit Processors , 2006, CHES.

[20]  Tao Zhang,et al.  Hardware assisted control flow obfuscation for embedded processors , 2004, CASES '04.

[21]  Shay Gueron White Box AES Using Intel's New AES Instructions , 2013, 2013 10th International Conference on Information Technology: New Generations.

[22]  Andreas Dewald,et al.  TRESOR Runs Encryption Securely Outside RAM , 2011, USENIX Security Symposium.

[23]  Johann Großschädl,et al.  Accelerating AES Using Instruction Set Extensions for Elliptic Curve Cryptography , 2005, ICCSA.

[24]  T. Alves,et al.  TrustZone : Integrated Hardware and Software Security , 2004 .

[25]  Andrew P. Martin,et al.  Towards an open, trusted digital rights management platform , 2006, DRM '06.

[26]  Peng Ning,et al.  SICE: a hardware-level strongly isolated computing environment for x86 multi-core platforms , 2011, CCS '11.

[27]  Amit Sahai,et al.  Positive Results and Techniques for Obfuscation , 2004, EUROCRYPT.