Preventing reverse engineering of native and managed programs
Published inJyväskylä studies in computing
One of the important aspects of protecting software from attack, theft of algorithms, or illegal software use is eliminating the possibility of performing reverse engineering. One common method used to deal with these issues is code obfuscation. However, it is proven to be ineffective. Code encryption is a much more effective means of defying reverse engineering, but it requires managing a cryptographic key available to none but the permissible users. The thesis presents a system for managing cryptographic keys in a protected environment and supporting execution of encrypted code. The system has strong security guarantees. In particular, the cryptographic keys are never stored on the target machine, but rather delivered to it from a remote server, upon a successful veriﬁcation of its authenticity. The keys and the decrypted instructions are protected by a thin hy- pervisor at all times. The system allows the encryption and execution of both native and Java code. During native code execution, the decrypted instructions are inaccessible to a potentially malicious code. This is achieved by either preventing execution of any other code or by protecting the memory region containing the decrypted instructions during their execution. Java programs, unlike native programs, are not executed directly by the processor, but are interpreted (and sometimes compiled) by the Java Virtual Machine (JVM). Therefore, the JVM will require the cryptographic key to decrypt the encrypted portions of Java code, and there is no feasible way of securing the key inside the JVM. The thesis proposes to implement a Java bytecode interpreter inside the secure environment, governed by a thin hypervisor. This interpreter will run in parallel to the standard JVM, both cooperating to execute encrypted Java programs. ...
PublisherUniversity of Jyväskylä
- Article I: Kiperberg, M.; Resh, A.; Zaidenberg, N.J. Remote Attestation of Software and Execution-Environment in Modern Machines. The 2nd IEEE International Conference on Cyber Security and Cloud Computing, 2015. DOI: 10.1109/CSCloud.2015.52
- Article II: Zaidenberg, N.J.; Neittaanmäki, P.; Kiperberg, M.; Resh, A.. Trusted Computing and DRM. Cyber Security: Analytics, Technology and Automation, vol. 78, pp. 205-212, 2015. DOI: 10.1007/978-3-319-18302-2_13
- Article III: Kiperberg, M.; Zaidenberg, N.J. Efficient Remote Authentication. The Journal of Information Warfare , vol.12, no.3, 2013.
- Article IV: Averbuch, A.; Kiperberg, M.; Zaidenberg, N.J. Truly-Protect: An Efficient VM-Based Software Protection. Systems Journal, IEEE , vol.7, no.3, pp. 455- 466, 2013. DOI: 10.1109/JSYST.2013.2260617
- Article V: Averbuch, A.; Kiperberg, M.; Zaidenberg, N.J. An efficient VM-based software protection. Network and System Security (NSS), 2011 5th International Conference, pp. 121-128, 2011. DOI: 10.1109/ICNSS.2011.6059968
- Article VI: Kiperberg, M.; Resh, A.; Algawi, A.; Zaidenberg, N.J. System for Executing Encrypted Java Programs. IEEE Transactions on Dependable and Secure Computing, Submitted.
- Article VII: Kiperberg, M.; Leon, R.; Resh, A.; Zaidenberg, N.J. System for Executing Encrypted Native Programs. IEEE Symposium on Security and Privacy, Submitted.
MetadataShow full item record
- Väitöskirjat