Information Hiding in Software with Mixed Boolean-Arithmetic Transforms

As increasingly powerful software analysis and attack tools arise, we need increasingly potent software protections. We generate an unlimited supply of obscuring transforms via mixed-mode computation over Boolean-arithmetic (mba) algebras corresponding to real-world functions and data. Such transforms resist reverse engineering with existing advanced tools and create NP-hard problems for the attacker. We discuss broad uses and concrete applications to aacs key hiding and software watermarking.

[1]  Jean Vuillemin,et al.  Digital Algebra and Circuits , 2003, Verification: Theory and Practice.

[2]  Paul C. van Oorschot,et al.  White-Box Cryptography and an AES Implementation , 2002, Selected Areas in Cryptography.

[3]  Paul C. van Oorschot Revisiting Software Protection , 2003, ISC.

[4]  David S. Johnson,et al.  Computers and Intractability: A Guide to the Theory of NP-Completeness , 1978 .

[5]  Christian S. Collberg,et al.  Watermarking, Tamper-Proofing, and Obfuscation-Tools for Software Protection , 2002, IEEE Trans. Software Eng..

[6]  Christian F. Tschudin,et al.  Protecting Mobile Agents Against Malicious Hosts , 1998, Mobile Agents and Security.

[7]  J. C. Byington,et al.  Mobile agents and security , 1998, IEEE Commun. Mag..

[8]  Adi Shamir,et al.  Cryptographic Applications of T-Functions , 2003, Selected Areas in Cryptography.

[9]  Yuan Xiang Gu,et al.  An Approach to the Obfuscation of Control-Flow of Sequential Computer Programs , 2001, ISC.

[10]  Ramarathnam Venkatesan,et al.  Oblivious Hashing: A Stealthy Software Integrity Verification Primitive , 2002, Information Hiding.

[11]  Gary L. Mullen,et al.  Polynomial functions (modm) , 1984 .

[12]  Henry S. Warren,et al.  Hacker's Delight , 2002 .

[13]  Nachum Dershowitz,et al.  Verification: Theory and Practice , 2004, Lecture Notes in Computer Science.

[14]  R. Rivest Permutation Polynomials Modulo 2w , 2001 .

[15]  Aggelos Kiayias,et al.  Polynomial Reconstruction Based Cryptography , 2001, Selected Areas in Cryptography.

[16]  Sanjeev Arora,et al.  Probabilistic checking of proofs: a new characterization of NP , 1998, JACM.

[17]  Christian F. Tschudin,et al.  Towards mobile cryptography , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).