Software Obfuscation Scheme based on XOR Encoding Scheme

Transcription

1 Software Obfuscation Scheme based on XOR Encoding Scheme KDDI R&D Laboratories, Inc. 27 th Mar KDDI R&D Laboratories, Inc. Inc. All All right right reserved 1

2 My Research Area Software Protection Technique Software Obfuscation Scheme Software Verification Scheme Key Management Technique Group Key Management Scheme Broadcast Encryption Scheme Cryptographic Application Access Control System Digital Right Management Scheme 2

3 Background Platforms on mobile phones are being unified To reduce the development cost Analyses of application programs and the OS are becoming easy There is much important information in mobile phones KDDI started to provide various services Nov Sep Dec Chaku-Uta Full Service (Music Distribution Service) EZ FeliCa Service (Mobile Payment Service) LISMO Video Clip Service (Movie Distribution Service) The risk of analysis for mobile phones is increasing KDDI needs software protection techniques 3

4 Software Obfuscation Software Obfuscation Scheme A software obfuscation scheme transforms an original program to a obfuscated program that is difficult to analyze The functionality of the program is maintained Obfuscated program CAN be executed Encryption Scheme An Encryption Scheme transforms an original program to an encrypted data Encrypted program CANNOT be executed We must decrypt the encrypted program to execute it Un-protected program is executes 4

5 Related Work (1) Obfuscation Schemes for Program Logics This type of schemes are used in many commercial or published obfuscation tools The schemes only obfuscate program logics Unprotected data may appear on the memory Does not provide sufficient security Obfuscation Schemes for Data Data are obfuscated Program logics are also transformed in order to deal with the obfuscated data Provide higher security since both data and program logics can be obfuscated 5

6 Related Work (2) Obfuscation Scheme based on Variable Encoding Technique [Sato et al., 2003] Encoding Technique Using a Linear Function Encodes a variable into exactly one variable y = ax + b Problems Does NOT Provide Sufficient Security Cannot obfuscate the dependencies of variables, such as references and substitutions Since there are one-to-one relations between the original variable and the encoded variable The Functionality of a Program may be changed Overflow may be caused by arithmetic operations 6

7 Our Proposed Scheme Our scheme uses XOR encoding to obfuscate data in a program which is: (1) Encoding type of ``Multi-to-Multi Multiple variables are simultaneously encoded to multiple variables Provide higher security than an encoding type of one-to-one (y = ax+b) in the existing work (2) Encoding based on Logical Operations Using only exclusive OR operations It does not cause overflows The functionality of a program is completely maintained It works much faster than arithmetic encoding the existing works 7

8 XOR Encoding Technique (1) Original Program Input Data Encoding Encoded Input Data Obfuscated Program Program Logics Obfuscated Program Logics Output Data Decoding Encoded Output Data Program logics as well as data are transformed so that it can deal with the encoded data 8

9 XOR Encoding Technique (2) The value of an original variable is distributed and stored to multiple encoded variables A encoded variables has information of multiple Original Variables original variables Encoded Variables Example 9

10 An Example Program calculates the sum from 1 up to n Two original variables x 1 and x 2 are encoded to encoded variables y 1, y 2 10

11 Features of the Proposed Scheme Provides Higher Security XOR encoding obfuscate both data and program logics It obfuscates the dependencies of variables as well as the values of them Completely Maintains the Functionality of a Program XOR encoding does not cause overflows Realize Low Computational Overhead XOR encoding runs fast since it uses only logical operations We can further reduce the overhead by applying this scheme only to important parts of a program Widely Applicable to Various Programs C, C++, Java, Assembly Code, Machine Code, and so on 11