## A graph game model for software tamper protection (2007)

### Cached

### Download Links

- [research.microsoft.com]
- [profs.sci.univr.it]
- DBLP

### Other Repositories/Bibliography

Venue: | In Information Hiding |

Citations: | 2 - 1 self |

### BibTeX

@INPROCEEDINGS{Dedić07agraph,

author = {Nenad Dedić and Mariusz Jakubowski and Ramarathnam Venkatesan},

title = {A graph game model for software tamper protection},

booktitle = {In Information Hiding},

year = {2007}

}

### OpenURL

### Abstract

Abstract. We present a probabilistic program-transformation algorithm to render a given program tamper-resistant. In addition, we suggest a model to estimate the required effort for an attack. We make some engineering assumptions about local indistinguishability on the transformed program and model an attacker’s steps as making a walk on the program flow graph. The goal of the attacker is to learn what has been inserted by the transformation, in which case he wins. Our heuristic estimate counts the number of steps of his walk on the graph. Our model is somewhat simplified, but we believe both the constructions and models can be made more realistic in the future. 1

### Citations

166 | Manufacturing cheap, resilient, and stealthy opaque constructs
- Collberg, Thomborson, et al.
- 1998
(Show Context)
Citation Context ...graph. Computed jumps and opaque predicates can be usedsfor this. A computed jump explicitly calculates the jump-target address, and this calculation can be obfuscated. Similarly, an opaque predicate =-=[6]-=- calculates the value of a predicate in an obfuscated way. Sufficiently strong obfuscation can reduce the usefulness of control-flow analysis. Against data-flow analysis, the idea is to make the depen... |

160 | Software protection and simulation on oblivious RAMs
- Goldreich, Ostrovsky
- 1996
(Show Context)
Citation Context ...valid code). Protection of data segments against such attacks involves keeping all data in an encryptedrandomized form. 3.10 Secure-hardware oblivious execution of arbitrary programs In the scheme of =-=[10]-=-, P is converted into P ′ whose data access pattern is completely random. In each step, a fresh random address is accessed, and a random value is written to it. The scheme offers very good security gu... |

107 |
Tamper resistant software: an implementation
- Aucsmith
- 1996
(Show Context)
Citation Context ...ce. 3.3 Code checksums and integrity-verification kernels Tampering can be detected during runtime by loading code segments, and computing checksums. P runs only if they agree with precomputed values =-=[2]-=-. Attack. The task of loading a code segment for reading is an unusual occurrence in typical programs, and can be trapped. Using some hardware support, more generic attacks on code-checksum schemes ar... |

80 | A Chernoff bound for random walks on expander graphs
- Gillman
- 1993
(Show Context)
Citation Context ...ction of the program code, and checks have a chance to miss tampering. In this case, the algorithm Harden should be modified to insert checks only in U. Using some random walk lemmas (see for example =-=[9]-=-) and techniques similar to those of the previous section, one can prove similar lower bounds. We do not provide details in this article. In a more realistic model, the attack game can be changed to a... |

78 | Breaking abstractions and unstructural data structures
- Collberg, Thomborson
- 1998
(Show Context)
Citation Context ... approximately achieved by combining various obfuscating transformations, such as code replication, diversification and overlapping [1]; opaque constructs [6]; and data and control-flow randomization =-=[5]-=-. We will assume that the program is partitionied, where the partion is given by sets of flow graph nodes F1, . . . , Fn. By picking n properly and assuming the sizes of Fi’s are approximately the sam... |

44 | On obfuscating point functions
- Wee
(Show Context)
Citation Context ... the present state of software protection, models based on complexity theory offer mainly negative results [3, 11], with a handful of positive results that essentially formalize hashbased comparisons =-=[12, 18]-=-. Motivated by an assortment of heuristic techniques for tamper protection, we give a simplified model, which captures realistic scenarios and allows quantitative analysis of tamper-resistance. Our mo... |

35 |
Playing hide and seek with stored keys
- Shamir, Someren
- 1999
(Show Context)
Citation Context ...m. Iteration and randomization can be used to diffuse well. 3.9 Randomness detection attacks Some protection mechanisms may embed encrypted code segments, which may make them vulnerable to attacks of =-=[13]-=-. This attack was designed to find highentropy sections, such as cryptographic keys that may contain 1024 bits. To prevent code attacks, near-clear encryption of code may be used (by transforming a co... |

29 |
Oblivious Hashing: A Stealthy Software Integrity Verification
- Chen, Venkatesan, et al.
(Show Context)
Citation Context ...nsider a program fragment F that uses some set of variables X. For an assignment x to variables X, execution trace e(x) is the sequence of all values of X during execution of F (x). Oblivious hashing =-=[4]-=- is a method whereby for a subset of variables Z ⊆ X, F (x) produces a hash hZ(e(x)). For suitably chosen random inputs r, tampering with values of Z during execution of F (r) will produce e ′ for whi... |

29 | S.: Bmat - a binary matching tool for stale profile propagation
- Wang, Pierce, et al.
- 2000
(Show Context)
Citation Context ... A can make a preliminary guess for the location of one copy of L. A’s goal now is to find the locations where variations of L or its components may be scattered. Robust binary matching tools such as =-=[17]-=- can be used to identify other copies of L. Other attacks use flow graph analysis. That is, A computes the flow graph of G. The guessed copy of L induces a subgraph H. A copy of L elsewhere in the pro... |

23 | Positive results and techniques for obfuscation
- Lynn, Prabhakaran, et al.
- 2004
(Show Context)
Citation Context ... the present state of software protection, models based on complexity theory offer mainly negative results [3, 11], with a handful of positive results that essentially formalize hashbased comparisons =-=[12, 18]-=-. Motivated by an assortment of heuristic techniques for tamper protection, we give a simplified model, which captures realistic scenarios and allows quantitative analysis of tamper-resistance. Our mo... |

22 |
Rudich, Amit Sahai, Salil Vadhan, and Ke Yang. On the (im)possibility of obfuscating programs
- Barak, Goldreich, et al.
- 2001
(Show Context)
Citation Context ...eve both the constructions and models can be made more realistic in the future. 1 Introduction In this paper, we consider the problem of protecting a complex program against tampering. The results of =-=[3, 11]-=- mean that we cannot hope to solve this in general, namely in a model involving worst-case programs and polynomial-time adversaries. Hence it is natural to ask for practical solutions in some natural ... |

19 |
and Yael Tauman Kalai, On the impossibility of obfuscation with auxiliary input
- Goldwasser
- 2005
(Show Context)
Citation Context ...eve both the constructions and models can be made more realistic in the future. 1 Introduction In this paper, we consider the problem of protecting a complex program against tampering. The results of =-=[3, 11]-=- mean that we cannot hope to solve this in general, namely in a model involving worst-case programs and polynomial-time adversaries. Hence it is natural to ask for practical solutions in some natural ... |

15 | Hardware-assisted circumvention of self-hashing software tamper resistance
- Oorschot, Somayaji, et al.
- 2005
(Show Context)
Citation Context ...ask of loading a code segment for reading is an unusual occurrence in typical programs, and can be trapped. Using some hardware support, more generic attacks on code-checksum schemes are described in =-=[15]-=-. Unusual execution patterns (read accesses to code segment, paging faults) can be exploited. 3.4 Oblivious hashing Consider a program fragment F that uses some set of variables X. For an assignment x... |

3 |
Robust Mixing
- Ganapathy
- 2006
(Show Context)
Citation Context ... observing them. One could for example let A choose every other step adversarially. If A’s strategy is non-adaptive (i.e., each adversarial step depends only on the current node), then the results of =-=[8]-=- can be used to analyze attack complexity, and derive bounds similar to those of the previous section. We do not provide any details in this article. 7 Conclusion and Future Work This article presente... |

3 | Delayed and controlled failures in tamper-resistant systems
- Tan, Chen, et al.
- 2006
(Show Context)
Citation Context ...he response will be triggered only upon failure of a subset of checks y ⊆ {C1, . . . , Ck}, such that x ⊆ y for some x ∈ R. For a detailed account on a possible check response implementation refer to =-=[14]-=-. We note here that their implementation provides for tampering response after a specified number f of checks fail. Let us denote the corresponding response structure by Rf (C1, . . . , Ck). Then x ∈ ... |

1 |
Ramarathnam Venkatesan. Proteus: Virtualization for diversified tamper-resistance
- Anckaert, Jakubowski
- 2006
(Show Context)
Citation Context ...f attempts to disassemble, but it is unlikely using only these that one can force a significant number of runs of the disassembler. More flexibility is offered by virtualization and individualization =-=[1]-=-, where the idea is to force A into learning a new virtual machine (VM) for attacking each copy. An instance I of the program P is implemented as a (VI, PI), where VI is a virtual machine and PI is co... |