Delayed and Controlled Failures in Tamper-Resistant Software

Tamper-resistant software (TRS) consists of two functional components: tamper detection and tamper response. Although both are equally critical to the effectiveness of a TRS system, past research has focused primarily on the former, while giving little thought to the latter. Not surprisingly, many successful breaks of commercial TRS systems found their first breaches at the relatively naive tamper-response modules. In this paper, we describe a novel tamper-response system that evades hacker detection by introducing delayed, probabilistic failures in a program. This is accomplished by corrupting the program's internal state at well-chosen locations. Our tamper-response system smoothly blends in with the program and leaves no noticeable traces behind, making it very difficult for a hacker to detect its existence. The paper also presents empirical results to demonstrate the efficacy of our system.

[1]  Rafail Ostrovsky,et al.  Software protection and simulation on oblivious RAMs , 1996, JACM.

[2]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs , 2001, JACM.

[3]  Jack W. Davidson,et al.  Software Tamper Resistance: Obstructing Static Analysis of Programs , 2000 .

[4]  Amit Sahai,et al.  Positive Results and Techniques for Obfuscation , 2004, EUROCRYPT.

[5]  Mikhail J. Atallah,et al.  Protecting Software Code by Guards , 2001, Digital Rights Management Workshop.

[6]  Ramarathnam Venkatesan,et al.  Oblivious Hashing: A Stealthy Software Integrity Verification Primitive , 2002, Information Hiding.

[7]  Hoeteck Wee,et al.  On obfuscating point functions , 2005, STOC '05.

[8]  Christian S. Collberg,et al.  Watermarking, Tamper-Proofing, and Obfuscation-Tools for Software Protection , 2002, IEEE Trans. Software Eng..

[9]  David Aucsmith,et al.  Tamper Resistant Software: An Implementation , 1996, Information Hiding.

[10]  Yuan Xiang Gu,et al.  An Approach to the Obfuscation of Control-Flow of Sequential Computer Programs , 2001, ISC.

[11]  I. C. Pyle,et al.  A second‐order bug with delayed effect , 1971, Softw. Pract. Exp..

[12]  Paul England,et al.  High Assurance Computing on Open Hardware Architectures , 2003 .

[13]  Christian S. Collberg,et al.  A Taxonomy of Obfuscating Transformations , 1997 .

[14]  Robert E. Tarjan,et al.  Dynamic Self-Checking Techniques for Improved Tamper Resistance , 2001, Digital Rights Management Workshop.

[15]  Michael Wiener,et al.  Advances in Cryptology — CRYPTO’ 99 , 1999 .

[16]  Clark Thomborson,et al.  Manufacturing cheap, resilient, and stealthy opaque constructs , 1998, POPL '98.

[17]  Amit Sahai,et al.  On the (im)possibility of obfuscating programs : (Extended abstract) , 2001, CRYPTO 2001.

[18]  Paul England,et al.  NGSCB: A Trusted Open System , 2004, ACISP.