Software Obfuscation Scheme based on XOR Encoding Scheme



Similar documents
CHAPTER 1 ENGINEERING PROBLEM SOLVING. Copyright 2013 Pearson Education, Inc.

SeChat: An AES Encrypted Chat

Secret File Sharing Techniques using AES algorithm. C. Navya Latha Garima Agarwal Anila Kumar GVN

A Comparative Study Of Two Symmetric Encryption Algorithms Across Different Platforms.

Secure Collaborative Privacy In Cloud Data With Advanced Symmetric Key Block Algorithm

DIGITAL RIGHTS MANAGEMENT SYSTEM FOR MULTIMEDIA FILES

AT&T Global Network Client for Windows Product Support Matrix January 29, 2015

CPU Organization and Assembly Language

A PERFORMANCE EVALUATION OF COMMON ENCRYPTION TECHNIQUES WITH SECURE WATERMARK SYSTEM (SWS)

Digital Rights Management

To add fractions we rewrite the fractions with a common denominator then add the numerators. = +

Tape Drive Data Compression Q & A

COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*

COMPARISON OF FIXED & VARIABLE RATES (25 YEARS) CHARTERED BANK ADMINISTERED INTEREST RATES - PRIME BUSINESS*

ANALYSIS OF RSA ALGORITHM USING GPU PROGRAMMING

Information and Communications Technology Courses at a Glance

Chapter 2 Basic Structure of Computers. Jin-Fu Li Department of Electrical Engineering National Central University Jungli, Taiwan

Encryption and Decryption for Secure Communication

AES1. Ultra-Compact Advanced Encryption Standard Core. General Description. Base Core Features. Symbol. Applications

Cryptography and Network Security. Prof. D. Mukhopadhyay. Department of Computer Science and Engineering. Indian Institute of Technology, Kharagpur

Chapter 4 Register Transfer and Microoperations. Section 4.1 Register Transfer Language

Unit A451: Computer systems and programming. Section 2: Computing Hardware 1/5: Central Processing Unit

SECURE IMPLEMENTATIONS OF CONTENT PROTECTION (DRM) SCHEMES ON CONSUMER ELECTRONIC DEVICES

Input / Ouput devices. I/O Chapter 8. Goals & Constraints. Measures of Performance. Anatomy of a Disk Drive. Introduction - 8.1

Understanding Logic Design

LSN 2 Computer Processors

Analysis One Code Desc. Transaction Amount. Fiscal Period

Computer System: User s View. Computer System Components: High Level View. Input. Output. Computer. Computer System: Motherboard Level

High level code and machine code

Symantec's Secret Sauce for Mobile Threat Protection. Jon Dreyfus, Ellen Linardi, Matthew Yeo

A comprehensive survey on various ETC techniques for secure Data transmission

MPEG Unified Speech and Audio Coding Enabling Efficient Coding of both Speech and Music

Introduction. Application Security. Reasons For Reverse Engineering. This lecture. Java Byte Code

Sandy. The Malicious Exploit Analysis. Static Analysis and Dynamic exploit analysis. Garage4Hackers

ELECTENG702 Advanced Embedded Systems. Improving AES128 software for Altera Nios II processor using custom instructions

MXMedia CipherStream. Preliminary Assessment. Copyright 2012 Farncombe 1.0. Author: T F

University of Pennsylvania Department of Electrical and Systems Engineering Digital Audio Basics

Two-factor Protection Scheme in Securing the Source Code of Android Applications

DETERMINATION OF THE PERFORMANCE

Computer and Set of Robots

Core Curriculum to the Course:

Technical Safeguards is the third area of safeguard defined by the HIPAA Security Rule. The technical safeguards are intended to create policies and

Computer Architecture. Secure communication and encryption.

IJESRT. [Padama, 2(5): May, 2013] ISSN:

A Performance Analysis of Secure HTTP Protocol

Case 2:08-cv ABC-E Document 1-4 Filed 04/15/2008 Page 1 of 138. Exhibit 8

CPU Organisation and Operation

CENTERPOINT ENERGY TEXARKANA SERVICE AREA GAS SUPPLY RATE (GSR) JULY Small Commercial Service (SCS-1) GSR

Distributed Storage Networks and Computer Forensics

Network Security: Cryptography CS/SS G513 S.K. Sahay

Algorithms and Methods for Distributed Storage Networks 5 Raid-6 Encoding Christian Schindelhauer

SmartTV User Interface Development for SmartTV using Web technology and CEA2014. George Sarosi

A single register, called the accumulator, stores the. operand before the operation, and stores the result. Add y # add y from memory to the acc

Network Security. Security. Security Services. Crytographic algorithms. privacy authenticity Message integrity. Public key (RSA) Message digest (MD5)

SmartArrays and Java Frequently Asked Questions

(Refer Slide Time: 00:01:16 min)

Computer Science. About PaaS Security. Donghoon Kim Henry E. Schaffer Mladen A. Vouk

ADVANCED IC REVERSE ENGINEERING TECHNIQUES: IN DEPTH ANALYSIS OF A MODERN SMART CARD. Olivier THOMAS Blackhat USA 2015

Lecture 12: Software protection techniques. Software piracy protection Protection against reverse engineering of software

Pretty Good Privacy (PGP)

Lecture 9 - Message Authentication Codes

5 Combinatorial Components. 5.0 Full adder. Full subtractor

Design and Verification of Area-Optimized AES Based on FPGA Using Verilog HDL

IMPROVED SECURITY MEASURES FOR DATA IN KEY EXCHANGES IN CLOUD ENVIRONMENT

Report on the Examination

Floating Point Fused Add-Subtract and Fused Dot-Product Units

1 Construction of CCA-secure encryption

Chapter 23. Database Security. Security Issues. Database Security

Cryptography: Motivation. Data Structures and Algorithms Cryptography. Secret Writing Methods. Many areas have sensitive information, e.g.

Thick Client Application Security

A KIND OF IMPLEMENT ABOUT MOBILE SIGNATURE SERVICE BASED ON MOBILE TELEPHONE TERMINAL

what operations can it perform? how does it perform them? on what kind of data? where are instructions and data stored?

Northrop Grumman M5 Network Security SCS Linux Kernel Cryptographic Services. FIPS Security Policy Version

What Types of ECC Should Be Used on Flash Memory?

technology brief RAID Levels March 1997 Introduction Characteristics of RAID Levels

Overview/Questions. What is Cryptography? The Caesar Shift Cipher. CS101 Lecture 21: Overview of Cryptography

Third Southern African Regional ACM Collegiate Programming Competition. Sponsored by IBM. Problem Set

A Comprehensive Data Forwarding Technique under Cloud with Dynamic Notification

A numerically adaptive implementation of the simplex method

Central Processing Unit Simulation Version v2.5 (July 2005) Charles André University Nice-Sophia Antipolis

1. INTRODUCTION. Keywords SMS, GSM network, electrical device, encryption, control.

3 SOFTWARE AND PROGRAMMING LANGUAGES

Enhanced Vessel Traffic Management System Booking Slots Available and Vessels Booked per Day From 12-JAN-2016 To 30-JUN-2017

02 B The Java Virtual Machine

A Comparison of Self-Protecting Digital Content and AACS

DataTrust Backup Software. Whitepaper Data Security. Version 6.8

Analysis of the Mobile Endpoint Security Products Market Tackling the Shift to Mobility with a Strong Endpoint Security Solution.

Parallel Databases. Parallel Architectures. Parallelism Terminology 1/4/2015. Increase performance by performing operations in parallel

MOTOROLA ACCOMPLI 009 PERSONAL COMMUNICATOR MODULE OVERVIEW SCOPE OF DOCUMENT. Security Policy REV 1.2, 10/2002

Microsoft Smooth Streaming

Hill s Cipher: Linear Algebra in Cryptography

Transcription:

Software Obfuscation Scheme based on XOR Encoding Scheme KDDI R&D Laboratories, Inc. 27 th Mar. 2008 2008 2008 KDDI R&D Laboratories, Inc. Inc. All All right right reserved 1

My Research Area Software Protection Technique Software Obfuscation Scheme Software Verification Scheme Key Management Technique Group Key Management Scheme Broadcast Encryption Scheme Cryptographic Application Access Control System Digital Right Management Scheme 2

Background Platforms on mobile phones are being unified To reduce the development cost Analyses of application programs and the OS are becoming easy There is much important information in mobile phones KDDI started to provide various services Nov. 2004 Sep. 2005 Dec. 2006 Chaku-Uta Full Service (Music Distribution Service) EZ FeliCa Service (Mobile Payment Service) LISMO Video Clip Service (Movie Distribution Service) The risk of analysis for mobile phones is increasing KDDI needs software protection techniques 3

Software Obfuscation Software Obfuscation Scheme A software obfuscation scheme transforms an original program to a obfuscated program that is difficult to analyze The functionality of the program is maintained Obfuscated program CAN be executed Encryption Scheme An Encryption Scheme transforms an original program to an encrypted data Encrypted program CANNOT be executed We must decrypt the encrypted program to execute it Un-protected program is executes 4

Related Work (1) Obfuscation Schemes for Program Logics This type of schemes are used in many commercial or published obfuscation tools The schemes only obfuscate program logics Unprotected data may appear on the memory Does not provide sufficient security Obfuscation Schemes for Data Data are obfuscated Program logics are also transformed in order to deal with the obfuscated data Provide higher security since both data and program logics can be obfuscated 5

Related Work (2) Obfuscation Scheme based on Variable Encoding Technique [Sato et al., 2003] Encoding Technique Using a Linear Function Encodes a variable into exactly one variable y = ax + b Problems Does NOT Provide Sufficient Security Cannot obfuscate the dependencies of variables, such as references and substitutions Since there are one-to-one relations between the original variable and the encoded variable The Functionality of a Program may be changed Overflow may be caused by arithmetic operations 6

Our Proposed Scheme Our scheme uses XOR encoding to obfuscate data in a program which is: (1) Encoding type of ``Multi-to-Multi Multiple variables are simultaneously encoded to multiple variables Provide higher security than an encoding type of one-to-one (y = ax+b) in the existing work (2) Encoding based on Logical Operations Using only exclusive OR operations It does not cause overflows The functionality of a program is completely maintained It works much faster than arithmetic encoding the existing works 7

XOR Encoding Technique (1) Original Program Input Data Encoding Encoded Input Data Obfuscated Program Program Logics Obfuscated Program Logics Output Data Decoding Encoded Output Data Program logics as well as data are transformed so that it can deal with the encoded data 8

XOR Encoding Technique (2) The value of an original variable is distributed and stored to multiple encoded variables A encoded variables has information of multiple Original Variables original variables Encoded Variables Example 9

An Example Program calculates the sum from 1 up to n Two original variables x 1 and x 2 are encoded to encoded variables y 1, y 2 10

Features of the Proposed Scheme Provides Higher Security XOR encoding obfuscate both data and program logics It obfuscates the dependencies of variables as well as the values of them Completely Maintains the Functionality of a Program XOR encoding does not cause overflows Realize Low Computational Overhead XOR encoding runs fast since it uses only logical operations We can further reduce the overhead by applying this scheme only to important parts of a program Widely Applicable to Various Programs C, C++, Java, Assembly Code, Machine Code, and so on 11

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information