Second year review WP2 overview SW-based Method. Trento - October 17th, 2008

Transcription

1 Second year review WP2 overview SW-based Method Trento - October 17th,

2 Goal To investigate software-only methodologies for remote entrusting implementation 2

3 Tasks D2.3 D2.4 M0 M3 M6 M9 M12 M15 M18 M21 M24 M27 M30 M33 M36 T2.1 T2.2 T2.3 T2.4 T2.5 T2.6 3

4 Tasks M13 M14 M15 M16 M17 M18 M19 M20 M21 M22 M23 M24 M25 M26 M27 M28... T2.4 T2.5 T2.2 T2.3 T2.6 4

5 Tasks M13 M14 M15 M16 M17 M18 M19 M20 M21 M22 M23 M24 M25 M26 M27 M28... T2.4 T2.5 T2.2 T2.3 T2.6 5

6 Secure interlocking and authenticity checking T2.2 Definition of software techniques to securely combine an application with different protection and authentication mechanisms 6

7 Secure interlocking and authenticity checking T2.2 Remote Invariants Monitoring (POLITO) Remote Control-Flow Checking (POLITO) White-Box Remote Procedure Call (UNITN,KUL) Barrier Slicing (UNITN) 7

8 Secure interlocking and authenticity checking T2.2 Remote Invariants Monitoring (POLITO) Remote Control-Flow Checking (POLITO) Remote monitoring of program state, or White-Box Remote Procedure Call program execution flow (UNITN,KUL) Program Barrier traces Slicingsent from untrusted to trusted node 8

9 Secure interlocking and authenticity checking virtual machine Remote Invariants Monitoring (POLITO) Analysis of the application becomes not Remote Control-Flow possible Checking (POLITO) White-Box Remote Procedure Call (UNITN, KUL) Barrier Slicing (UNITN) T2.2 Program execution through an obfuscated 9

10 Secure interlocking and authenticity checking T2.2 Remote Invariants Monitoring (POLITO) Portions of the application executed on a Remote Control-Flow Checking trusted node either local (smart card or (POLITO) secure hardware), or remote White-Box Remote Procedure Call (UNITN,KUL) Barrier Slicing (UNITN) 10

11 Tasks M13 M14 M15 M16 M17 M18 M19 M20 M21 M22 M23 M24 M25 M26 M27 M28... T2.4 T2.5 T2.2 T2.3 T2.6 11

12 Dynamic replacement for increased tamper resistance T2.3 Investigation of innovative methods exploiting the time dimension to increase tamper resistance 12

13 Dynamic replacement for increased tamper resistance Remote Tamper-Resistance with Continuous Replacement (UNITN, POLITO, prof. Christian Collberg) Increased reverse engineering complexity through continuous replacement and mutant code (POLITO) Orthogonal replacement (UNITN) T2.3 13

14 Dynamic replacement for increased tamper resistance Remote Tamper-Resistance with Continuous Replacement (UNITN, POLITO, prof. Christian Collberg) T2.3 Program Exploiting divided continuous into blocks replacement sent from the trusted to increase node reverse to the untrusted engineering node The complexity untrusted node never (POLITO) holds the complete application Each block obfuscated with different transformations Orthogonal replacement (UNITN) including introduction of corrupted blocks Implementation deployed on Java code 14

15 Dynamic replacement for the trusted to the untrusted node and bound increased tamper Remote Tamper-Resistance with always different) Continuous Replacement (UNITN, Implementation POLITO, prof. deployed Christian on Collberg) x86 binary code Increased reverse engineering complexity through continuous replacement and mutant code (POLITO) Orthogonal replacement (UNITN) T2.3 into the application through code mutations The untrusted node never holds the complete application Each block dynamically resistance relocated during a single execution and over different executions (memory layout 15

16 Dynamic replacement for increased tamper resistance Remote Tamper-Resistance with Continuous Replacement (UNITN, A theoretical model to build different versions POLITO, prof. Christian Collberg) of a program and/or a program block Exploiting in such a continuous way that a replacement given version does to not increase provide reverse information engineering to reverse engineering complexity future (POLITO) versions Orthogonal replacement (UNITN) T2.3 16

17 Tasks M13 M14 M15 M16 M17 M18 M19 M20 M21 M22 M23 M24 M25 M26 M27 M28... T2.4 T2.5 T2.2 T2.3 T2.6 17

18 Increased reverse T2.4 engineering complexity for software protection Definition of pure software solutions to increase reverse engineering complexity 18

19 Increased reverse T2.4 engineering complexity for software protection Crypto guards (KUL) Fuzzing (KUL) White-Box Cryptography (KUL) Obfuscation of Java byte code (GEM) Obfuscation Techniques (KUL) SProT (KUL) 19

20 Increased reverse T2.4 engineering complexity for Crypto software guards (KUL) protection Fuzzing (KUL) White-Box Cryptography (KUL) A Obfuscation technique to protect of Java software byte code against analysis (GEM) and against tampering as well Deployed Obfuscation a binary Techniques level by (KUL) using the Diablo Software binary Protection rewriter Tool - SProT (KUL) 20

21 Increased reverse T2.4 engineering complexity for Crypto software guards (KUL) protection Fuzzing (KUL) White-Box Cryptography (KUL) Obfuscation of Java byte code Software testing technique (GEM) Submitting Obfuscation random Techniques or unexpected (KUL) data to an application and monitoring it for any Software Protection Tool - SProT resulting error (KUL) STILL IN A PRELIMINARY PHASE 21

22 Increased reverse T2.4 engineering complexity for Crypto software guards (KUL) protection Fuzzing (KUL) White-Box Cryptography (KUL) Obfuscation of Java byte code (GEM) Deep Obfuscation analysis of Techniques state-of-the-art (KUL) in WBC Software Protection Tool - SProT Proposal of a secure encryption scheme, (KUL) designed to be white-boxing 22

23 Java byte code obfuscation Increased reverse T2.4 engineering complexity for Layout obfuscation: debug information and identifier names Crypto removed guards Data obfuscation: (KUL) the way data is stored and software protection encoded changed Control flow obfuscation: the way the Fuzzing program runs (KUL) changed (e.g., method invocation, loops, branches) Preventive obfuscation: identification of weakness White-Box in current Cryptography de-obfuscation and (KUL) de-compilers to make them crash or fail Obfuscation of Java byte code (GEM) Obfuscation Techniques (KUL) SProT (KUL) 23

24 Increased reverse T2.4 engineering complexity for software protection Class Crypto containing guards control (KUL) flow obfuscation techniques Fuzzing such (KUL) as control flow graph flattening and opaque predicates White-Box Cryptography (KUL) Implemented in Txl a code transformation Obfuscation of Java byte code language (GEM) Obfuscation Techniques (KUL) Software Protection Tool - SProT (KUL) 24

25 Increased reverse T2.4 engineering complexity for software protection Crypto guards (KUL) Several Fuzzing analysis (KUL) resistance and tamper resistance techniques White-Box integrated Cryptography into (KUL) a single tool Obfuscation of Java byte code (GEM) WBC be means of white-box DES and white-box AES Obfuscation techniques Crypto Guards Obfuscation Techniques (KUL) Software Protection Tool - SProT (KUL) 25

26 Tasks M13 M14 M15 M16 M17 M18 M19 M20 M21 M22 M23 M24 M25 M26 M27 M28... T2.4 T2.5 T2.2 T2.3 T2.6 26

27 Design of T2.5 entrusting protocol Cryptographic and synchronization concerns of the communication protocol employed between trusted and untrusted node 27

28 Design of T2.5 entrusting protocol Preliminary design of the entrusting protocol (SPIIRAS) Analysis of the entrusting protocol (SPIIRAS) 28

29 Design of T2.5 Broad analysis of existing protocol formal entrusting design and verification protocol means Selection of two verification tools AVISPA and Isabelle Verification Definition of of the a correctness preliminary of the entrusting entrusting protocol protocol Analysis of the entrusting protocol 29

30 Tasks M13 M14 M15 M16 M17 M18 M19 M20 M21 M22 M23 M24 M25 M26 M27 M28... T2.4 T2.5 T2.2 T2.3 T2.6 30

31 Proof of concepts T2.6 Preliminary discussions about final proof of concept application: - Gemalto IP Multimedia Subsystem (IMS) server platform - On line games - VoIP

32 Proof of concepts T2.6 Proof of concept meeting (Trento May 29th 2008): - On line gaming application as target - Candidate game: car race game - Definition of basic requirements: distributed application, DRM, licensing 32

33 Conclusions All tasks in a healthy state Focus during the last year of the project on: - Entrusting protocol (T2.5) - Proof of concept (T2.6) 33