Presentation is loading. Please wait.

Presentation is loading. Please wait.

Investigating Provably Secure and Practical Software Protection

Published byJohanna Janssens Modified over 5 years ago

Similar presentations

Presentation on theme: "Investigating Provably Secure and Practical Software Protection"— Presentation transcript:

1 Investigating Provably Secure and Practical Software Protection
Lt Col Todd McDonald AFIT/ENG x4639

2 Research Interests Program Encryption
Program protection / secure coding Obfuscation / tamperproofing Mobile agent security / mobile code Information / database security Multi-agent architectures Trust-based computing

3 Three Focus Areas for Program Protection
Semantic Transformation Random Program Security Model / Randomizing Obfuscators Perfectly Secure White Box Obfuscators Goal: Characterize the aspects of program protection that can be done with some measurable degree of security

4 Program Scenario

5 Program Protection Adversarial Observation: Black Box Analysis
If the adversary cannot determine the function/intent of the device by input/ output analysis, we say it is black-box protected Adversarial Observation: Black Box Analysis White Box Analysis If the adversary cannot determine the function/intent of the device by analyzing the structure of the code, we say it is white-box protected Intent Protected: Combined black-box and white-box protection does not reveal the function/intent of the program

6 How to Define/Measure “Program Protection” Security
Explicitly Define adversary task and require that it is computationally difficult Disadvantage: lot of threats/some are difficult to formulate in terms of computational problems Implicitly Define ideal security model and require our case is nearly as good as ideal one Disadvantage: Barak et al. result shows this is impossible based

7 Where are we at? Obfuscation: somehow make something less recognizable
Known methods of obfuscation are reverse of good software engineering None guarantee impossibility of retrieving sensitive information or algorithms (concealment is not considered strong security, only deterrent) A determined specialist given enough time and resources is able to de-obfuscate any obfuscated program

8 Heuristic Metrics

9 Heuristic Obfuscation

10 Information Theoretic Definition of Obfuscation
Virtual black box (VBB): anything one can compute from the obfuscated program could also be computed from input-output behavior of the original program Program P Obfuscated Program P’ P’ = O(P) TTP ????? Oracle for P I O

11 Black Box Intent Protection a.k.a Semantic Transformation

12 Semantically Secure Black Box Protection
P’ = O(P)

13 White Box Protection ?? Circuit P’

14 Two “Provable” Approaches to White Box Protection
Try to hide/interleave the seem between P and E (using randomization and a random program model) How do we/can we characterize the hiding? Completely hide all intermediate operations (using perfect white-box protection via canonical reduction)

15 Random Programs/Circuits

16 Random Programs/Circuits

17 Correlating Program and Data Encryption
Randomizing Obfuscators

18 Perfect White Box Protection
main (int argc, char *argv) { int x,y; /* Get input from the user */ x = argv[1]; /* Super secret algorithm */ …….. /* Output the result */ cout << y; }

19 Perfect White Box Protection
What is the best we can hope for to protect the “structure” of the code that performs the secret algorithm? We want the program to act just like an oracle would We want the program to be a “black-box” implementation

20 Perfect White Box Protection = Black Box Implementation
main (int argc, char *argv) { int x,y; /* Get input from the user */ x = argv[1]; /* Super secret algorithm */ if (x == 1) y = ; else if (x == 2) y = 23; else if (x == 3) y = ; …. /* Output the result */ cout << y; }

21 Perfect White Box Protection
Problems with this approach: You have to know all inputs/outputs Therefore, the algorithm could never be efficient for all size input n Therefore, the algorithm could never be general for all programs Which lends support to impossibility results…

22 Perfect White Box Protection
But: Mobile code programs are targeted for small information exchanges Input size might be limited You may not care about the full range of possible inputs, only some…

23 Perfect White Box Protection
Regardless of efficiency: We can define a methodology for perfect white box protection We could apply that method for programs of small input size n (which is defined only by the amount of time or resources you want to apply to get the result) Those programs would be perfectly white box protected

24 Circuits Structural view of P: Consider circuit P 3 representations:
Algebraically (Boolean function) Structurally (circuit diagram) Truth table (input/output behavior) Structural view of P: INPUT(3) INPUT(2) INPUT(1) OUTPUT(7) OUTPUT(6) 4 = AND(3,2) 5 = OR(4,1) 6 = XOR(4,3) 7 = NAND(5,6)

25 Circuits Behavioral view of P:

26 Circuits Functional view of P: fP Derive it from structure
y6 = (x3x2(x3x2x3)’)’(((x3(x3x2x3)’)’)’ y7 = ((x3x2 + x1) (x3x2(x3x2x3)’)’(((x3(x3x2x3)’)’)’)’ Derive it from truth table y6 = x1’x2’x3 + x1x2’x3 y7 = x1’x2’x3’ + x1’x2’x3 + x1’x2x3’ + x1’x2x3 + x1x2’x3’ + x1x2x3’ + x1x2x3

27 So what does canonical minimization do?
All you need is the truth table or behavioral view to get an SOP form

28 So what does canonical minimization do for us?
This is what an oracle for P would “use” when asked questions about P … Any circuit that implements this truth table would then be a “black box implementation” of P

29 The “Logic” of Canonical P
if (x1 == 0) && (x2 ==0) & (x3==0) y6 = 1 y7 = 0 else if ((x1==0) && (x2==0) && (x3==1) y7 = 1

30 Can I ever recover the structure of the original P from canonical P?

31 Perfect White Box Protection Architecture

32 For Designing Catenation-Based Obfuscators : P’ = P + E

33 Questions ???

Download ppt "Investigating Provably Secure and Practical Software Protection"

Similar presentations

Boolean Algebra and Logic Gates

Boolean Algebra and Logic Gates
Switching circuits Composed of switching elements called “gates” that implement logical blocks or switching expressions Positive logic convention (active.

Switching circuits Composed of switching elements called “gates” that implement logical blocks or switching expressions Positive logic convention (active.
Quantum Money from Hidden Subspaces Scott Aaronson and Paul Christiano.

Quantum Money from Hidden Subspaces Scott Aaronson and Paul Christiano.
Logic Circuits Design presented by Amr Al-Awamry

Logic Circuits Design presented by Amr Al-Awamry
Physical Unclonable Functions and Applications

Physical Unclonable Functions and Applications
Oblivious Transfer based on the McEliece Assumptions

Oblivious Transfer based on the McEliece Assumptions
ENGIN112 L13: Combinational Design Procedure October 1, 2003 ENGIN 112 Intro to Electrical and Computer Engineering Lecture 13 Combinational Design Procedure.

ENGIN112 L13: Combinational Design Procedure October 1, 2003 ENGIN 112 Intro to Electrical and Computer Engineering Lecture 13 Combinational Design Procedure.
Combinational Logic Design

Combinational Logic Design
Quiz # 2 Chapters 4, 5, & 6.

Quiz # 2 Chapters 4, 5, & 6.
Secure Cloud Database. Introduction Cloud computing – IT as a service from third party service provider Security in cloud environment – Adversary corrupts.

Secure Cloud Database. Introduction Cloud computing – IT as a service from third party service provider Security in cloud environment – Adversary corrupts.
Charles Kime & Thomas Kaminski © 2004 Pearson Education, Inc. Terms of Use (Hyperlinks are active in View Show mode) Terms of Use Lecture 12 – Design Procedure.

Charles Kime & Thomas Kaminski © 2004 Pearson Education, Inc. Terms of Use (Hyperlinks are active in View Show mode) Terms of Use Lecture 12 – Design Procedure.
TOPIC : Introduction to Functional Modeling UNIT 1: Modeling Digital Circuits Module 1 : Functional Modeling.

TOPIC : Introduction to Functional Modeling UNIT 1: Modeling Digital Circuits Module 1 : Functional Modeling.
Develop America's Airmen Today... for Tomorrow Air University: The Intellectual and Leadership Center of the Air Force Integrity - Service - Excellence.

Develop America's Airmen Today... for Tomorrow Air University: The Intellectual and Leadership Center of the Air Force Integrity - Service - Excellence.
Computer Architecture I: Digital Design Dr. Robert D. Kent Logic Design Medium Scale Integration and Programmable Logic Devices Part I.

Computer Architecture I: Digital Design Dr. Robert D. Kent Logic Design Medium Scale Integration and Programmable Logic Devices Part I.
Applying White-Box Cryptography SoBeNet user group meeting October 8, 2004 Brecht Wyseur.

Applying White-Box Cryptography SoBeNet user group meeting October 8, 2004 Brecht Wyseur.
Black-box Testing.

Black-box Testing.
Week 6: Gates and Circuits: PART I READING: Chapter 4.

Week 6: Gates and Circuits: PART I READING: Chapter 4.
Sneha.  Gates Gates  Characteristics of gates Characteristics of gates  Basic Gates Basic Gates  AND Gate AND Gate  OR gate OR gate  NOT gate NOT.

Sneha.  Gates Gates  Characteristics of gates Characteristics of gates  Basic Gates Basic Gates  AND Gate AND Gate  OR gate OR gate  NOT gate NOT.
+ CS 325: CS Hardware and Software Organization and Architecture Gates and Boolean Algebra Part 2.

+ CS 325: CS Hardware and Software Organization and Architecture Gates and Boolean Algebra Part 2.
1 Information Security – Theory vs. Reality 0368-4474-01, Winter 2012-2013 Lecture 10: Garbled circuits and obfuscation Eran Tromer Slides credit: Boaz.

1 Information Security – Theory vs. Reality , Winter Lecture 10: Garbled circuits and obfuscation Eran Tromer Slides credit: Boaz.

Similar presentations

Ads by Google