Surreptitious Software

Transcription

1 Surreptitious Software Obfuscation, Watermarking, and Tamperproofing for Software Protection Christian Collberg Jasvir Nagra rw T Addison-Wesley Upper Saddle River, NJ Boston Indianapolis San Francisco New York Toronto Montreal London Munich Paris Madrid Capetown Sydney Tokyo Singapore Mexico City

2 Contents Preface xv About the Authors Acknowledgments xxv xxvii 1 What Is Surreptitious Software? Setting the Scene Attack and Defense Program Analysis A Simple Reverse Engineering Example Code Obfuscation Applications of Code Obfuscation Obfuscating Transformations Black Hat Code Obfuscation Tamperprooflng Applications of Tamperprooflng An Example Software Watermarking An Example Attacks on Watermarking Systems Software Similarity Plagiarism Software Forensics Birthmarking A Birthmarking Example Hardware-Based Protection Techniques Distribution with Physical Token Tying the Program to the CPU Ensuring Safe Execution Environment Encrypted Execution Physical Barriers 54 VII

3 viii Contents 1.9 Discussion Reasons to Use Software Protection and Reasons Not To So Which Algorithms Should I Use? Notation 58 2 Methods of Attack and Defense Attack Strategies A Prototypical Cracking Target What's the Adversary's Motivation? What Does the Adversary Get to Crack? What's the Adversary's Attack Methodology? What Tools Does the Adversary Use? What Techniques Does the Adversary Use? Discussion Defense Strategies Notation The cover Primitive The duplicate Primitive Thesp/zVand merge Primitives The reorder Primitive The map Primitive The indirect Primitive The mimic Primitive The advertise Primitive The defect-respond Primitive The dynamic Primitive Discussion Discussion What Do We Need from Attack and Defense Models? How Do We Use the Models to Devise Algorithms? Program Analysis Static Analysis Control Flow Analysis Data Flow Analysis Data Dependence Analysis Alias Analysis Slicing Abstract Interpretation Dynamic Analysis Debugging Profiling 161

4 Contents ix Tracing Emulation Reconstituting Source Disassembly Decompilation Pragmatic Analysis Style Metrics Software Complexity Metrics Software Visualization Discussion Code Obfuscation Semantics-Preserving Obfuscating Transformations Algorithm OBFCF: Diversifying Transformations Algorithm OBFTP: Identifier Renaming Obfuscation Executives Definitions Potent Obfuscating Transformations Efficient Obfuscating Transformations Stealth Other Definitions Complicating Control Flow Opaque Expressions Algorithm OBFWHKD: Control-Flow Flattening Introducing Aliasing Algorithm OBFCTJt, ogus : Inserting Bogus Control Flow Algorithm OBFLDK: Jumps Through Branch Functions Attacks Opaque Predicates Algorithm OBFCT} pointer : Opaque Predicates from Pointer Aliasing OBFWHKD opaque : Opaque Values from Array Aliasing Algorithm OBFCT]'thread: Opaque Predicates from Concurrency Breaking Opaque Predicates Data Encodings Encoding Integers Encoding Booleans Encoding Literal Data Encoding Arrays Breaking Abstractions Algorithm OBFWC S j g : Merging Function Signatures Algorithm OBFCT]^: Splitting and Merging Classes 279

5 4.6.3 Algorithm OBFDMRVSL: Destroying High-Level Structures Algorithm OBFAJV: Modifying Instruction Encodings Discussion Obfuscation Theory Definitions Provably Secure Obfuscation: Possible or Impossible? Turing's Halting Problem Algorithm REÄA: De-obfuscating Programs Provably Secure Obfuscation: It's Possible (Sometimes)! Algorithm OBFLBS: Obfuscating with Point Functions Algorithm OBFNS: Obfuscating Databases Algorithm OBFPP: Homomorphic Encryption Algorithm OBFCEJO: Whitebox DES Provably Secure Obfuscation: It's Impossible (Sometimes)! A General Obfuscator Obfuscating Learnable Functions Proving that Obfuscation Is Impossible Discussion Provably Secure Obfuscation: Can It Be Saved? Overcoming Impossibility Definitions Revisited: Make Obfuscation Interactive Definition Revisited: Make Obfuscation Non-Semantics Preserving Discussion Dynamic Obfuscation Definitions Moving Code Around Algorithm OBFKMNM: Replacing Instructions OBFAG swap - Self-Modifying State Machine OBFMAMDSB: Dynamic Code Merging Encryption OBFCKSP: Code as Key Material OBFAGayp t : Combining Self-Modification and Encryption 6.4 Discussion Software Tamperproofing Definitions Checking for Tampering 406

6 7.1.2 Responding to Tampering System Design Introspection Algorithm TPCA: Checker Network Generating Hash Functions Algorithm TPHMST: Hiding Hash Values The Skype Obfuscated Protocol Algorithm REWOS: Attacking Self-Hashing Algorithms Discussion Algorithm TPTCJ: Response Mechanisms State Inspection Algorithm TPCVCPSJ: Oblivious Hash Functions Algorithm TPjJV: Overlapping Instructions Remote Tamperproofing Distributed Check and Respond Solution Strategies Algorithm TPZG: Slicing Functions Algorithm TPSLSPDK: Measuring Remote Hardware TPCNS: Continuous Replacement Discussion Software Watermarking History and Applications Applications Embedding a Mark in Audio Embedding a Mark in an Image Embedding a Mark in Natural-Language Text Watermarking Software Definitions Watermark Credibility Attacks Watermarking vs. Fingerprinting Watermarking by Permutation Algorithm WMDM: Reordering Basic Blocks Renumbering Algorithm WMQP: Improving Credibility Tamperproofing Watermarks Algorithm WMMC: Embedding Media Watermarks Improving Resilience Algorithm WMSHKQ: Statistical Watermarking Improving Stealth 505

7 xii Contents Algorithm WMMIMIT: Mapping Instructions Algorithm WMWS: Watermarks in CFGs Algorithm WMCC: Abstract Interpretation Steganographic Embeddings Algorithm WMASB: The Compiler as Embedder Splitting Watermark Integers Splitting a Large Mark into Small Pieces Redundant Watermark Pieces Sparse Codes for Increased Credibility Graph Codecs Oriented Parent-Pointer Tree Radix Graphs Permutation Graphs Planted Plane Cubic Trees Reducible Permutation Graphs Discussion Embedding Techniques Attack Models Dynamic Watermarking Algorithm WMCT: Exploiting Aliasing A Simple Example Recognition Problems Increasing Bitrate Increasing Resilience to Attack Increasing Stealth Discussion Algorithm WMNT: Exploiting Parallelism Embedding Watermarking Widgets Embedding Example Recognition Avoiding Pattern-Matching Attacks Tamperproofing Widgets Discussion Algorithm WUCCDKHLS pat h s : Expanding Execution Paths Encoding and Embedding Recognition Discussion Algorithm WMCCDKHLSb/: Tamperproofing Execution Paths Embedding Recognition 595

8 9.4.3 Tamperproonng the Branches Discussion Discussion Software Similarity Analysis Applications Clone Detection Software Forensics Plagiarism Detection Birthmark Detection Definitions Similarity Measures /k-gram-based Analysis SSSWAWINNOW-' Selecting k-gram Hashes SSSWAMOSS: Software Plagiarism Detection SSMCkgram^ k-gram Java Bytecode Birthmarks API-Based Analysis SSTNMM: Object-Oriented Birthmarks SSTONMM: Dynamic Function Call Birthmarks SSSDL: Dynamic -gram API Birthmarks Tree-Based Analysis SSEFM: AST-Based Clone Detection Graph-Based Analysis SSKH: PDG-Based Clone Detection SSLCHY: PDG-Based Plagiarism Detection SSMC wpp : Dynamic Whole Program Birthmarks Metrics-Based Analysis SSKK: Metrics-Based Clone Detection SSLM: Metrics-Based Authorship Analysis Discussion Hardware for Protecting Software Anti-Piracy by Physical Distribution Distribution Disk Protection Dongles and Tokens Authenticated Boot Using a Trusted Platform Module Trusted Boot Taking Measurements TheTPM The Challenge 677

9 xiv Contents Social Trust and Privacy Issues Applications and Controversies Encrypted Execution The XOM Architecture Preventing Replay Attacks Fixing a Leaky Address Bus Fixing a Leaky Data Bus Discussion Attacks on Tamperproof Devices Tapping the Bus The Microsoft XBOX Hack Injecting Ciphertext Dallas Semiconductor DS5002FP Hacking Smartcards Non-Invasive Attacks Board-Level Protection Discussion 711 Bibliography 713 Index 737