A Secure and Robust Approach to Software Tamper Resistance

Software tamper-resistance mechanisms have increasingly assumed significance as a technique to prevent unintended uses of software. Closely related to anti-tampering techniques are obfuscation techniques, which make code difficult to understand or analyze and therefore, challenging to modify meaningfully. This paper describes a secure and robust approach to software tamper resistance and obfuscation using process-level virtualization. The proposed techniques involve novel uses of software checksumming guards and encryption to protect an application. In particular, a virtual machine (VM) is assembled with the application at software build time such that the application cannot run without the VM. The VM provides just-in-time decryption of the program and dynamism for the application's code. The application's code is used to protect the VM to ensure a level of circular protection. Finally, to prevent the attacker from obtaining an analyzable snapshot of the code, the VM periodically discards all decrypted code. We describe a prototype implementation of these techniques and evaluate the run-time performance of applications using our system. We also discuss how our system provides stronger protection against tampering attacks than previously described tamper-resistance approaches.

[1]  Koen De Bosschere,et al.  Software Protection Through Dynamic Code Mutation , 2005, WISA.

[2]  Dan Boneh,et al.  Architectural support for copy and tamper resistant software , 2000, SIGP.

[3]  Ramarathnam Venkatesan,et al.  Towards integral binary execution: implementing oblivious hashing using overlapped instruction encodings , 2007, MM&Sec.

[4]  Elaine Shi,et al.  Pioneer: verifying code integrity and enforcing untampered code execution on legacy systems , 2005, SOSP '05.

[5]  Paul C. van Oorschot,et al.  White-Box Cryptography and an AES Implementation , 2002, Selected Areas in Cryptography.

[6]  Aggelos Kiayias,et al.  Polynomial Reconstruction Based Cryptography , 2001, Selected Areas in Cryptography.

[7]  Aggelos Kiayias,et al.  On Crafty Pirates and Foxy Tracers , 2001, Digital Rights Management Workshop.

[8]  Mikhail J. Atallah,et al.  Protecting Software Code by Guards , 2001, Digital Rights Management Workshop.

[9]  Clark Thomborson,et al.  Manufacturing cheap, resilient, and stealthy opaque constructs , 1998, POPL '98.

[10]  Paul C. van Oorschot,et al.  A generic attack on checksumming-based software tamper resistance , 2005, 2005 IEEE Symposium on Security and Privacy (S&P'05).

[11]  Jonathon T. Giffin,et al.  Strengthening software self-checksumming via self-modifying code , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[12]  Tal Garfinkel,et al.  Terra: a virtual machine-based platform for trusted computing , 2003, SOSP '03.

[13]  Koen De Bosschere,et al.  Towards Tamper Resistant Code Encryption: Practice and Experience , 2008, ISPEC.

[14]  Ramarathnam Venkatesan,et al.  Proteus: virtualization for diversified tamper-resistance , 2006, DRM '06.

[15]  Robert E. Tarjan,et al.  Dynamic Self-Checking Techniques for Improved Tamper Resistance , 2001, Digital Rights Management Workshop.

[16]  Saumya K. Debray,et al.  Obfuscation of executable code to improve resistance to static disassembly , 2003, CCS '03.

[17]  P. Biondi,et al.  Silver Needle in the Skype , 2006 .

[18]  Mary Lou Soffa,et al.  Retargetable and reconfigurable software dynamic translation , 2003, International Symposium on Code Generation and Optimization, 2003. CGO 2003..

[19]  David Aucsmith,et al.  Tamper Resistant Software: An Implementation , 1996, Information Hiding.

[20]  Olivier Billet,et al.  Cryptanalysis of a White Box AES Implementation , 2004, Selected Areas in Cryptography.

[21]  Claudio Soriente,et al.  On the difficulty of software-based attestation of embedded devices , 2009, CCS.