Prevention of software tampering
Abstract
In a distributed computing architecture, a method and system for authenticating a message as originating from an unaltered or unmodified node are provided. Prior to sending a message, a black box software module in a node validates the node to determine whether the node has been altered or modified without authorization. Once validated, the black box alters a message, using a black box protection scheme, in such a manner that the message can be subsequently authenticated. The black box module sends the altered message to a peer node, whose own black box authenticates the message using an authentication scheme corresponding to the protection scheme. Because validation is performed, each node may assume that the message originated from an unaltered node. The protection and/or validation scheme can be changed at regular intervals so that attackers do not have time to reverse engineer the black box. Alternatively, validation may be skipped and the key used to alter/protect each message may be based on the environment of the node performing the alteration/protection, so that nodes that have been altered will generate different keys than unaltered nodes, and will not be able to communicate.
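The alternative scheme in the abstract's last sentence, sketched as an added example that is not part of the patent text: each node derives its key from a measurement of its own software, so only nodes running identical, unaltered software can authenticate each other's messages. HMAC-SHA256 stands in for the "predetermined algorithm", and the shared secret, the sample images and all function names are assumptions made for illustration.

```python
import hashlib
import hmac

TAG_LEN = hashlib.sha256().digest_size  # 32-byte HMAC-SHA256 tag

# Constructed sample data (hypothetical, not from the patent).
SHARED_SECRET = b"constructed-deployment-secret"
UNALTERED_IMAGE = b"\x7fELF...node software v1 (constructed bytes)"
ALTERED_IMAGE = UNALTERED_IMAGE.replace(b"v1", b"vX")  # one patched field


def environment_key(software_image: bytes, secret: bytes = SHARED_SECRET) -> bytes:
    """Derive the protection/authentication key from the node's own environment."""
    measurement = hashlib.sha256(software_image).digest()
    return hmac.new(secret, b"node-env-key|" + measurement, hashlib.sha256).digest()


def protect(message: bytes, key: bytes) -> bytes:
    """Alter the message so it can later be authenticated: append a MAC tag."""
    return message + hmac.new(key, message, hashlib.sha256).digest()


def authenticate(altered: bytes, key: bytes):
    """Return the original message if the tag verifies, else None."""
    if len(altered) < TAG_LEN:
        return None
    message, tag = altered[:-TAG_LEN], altered[-TAG_LEN:]
    expected = hmac.new(key, message, hashlib.sha256).digest()
    return message if hmac.compare_digest(tag, expected) else None


def exchange(sender_image: bytes, receiver_image: bytes, message: bytes):
    """Sender protects with its key; receiver authenticates with its own key."""
    wire = protect(message, environment_key(sender_image))
    return authenticate(wire, environment_key(receiver_image))


if __name__ == "__main__":
    msg = b"join-cluster"
    print("unaltered -> unaltered:", exchange(UNALTERED_IMAGE, UNALTERED_IMAGE, msg))
    print("altered   -> unaltered:", exchange(ALTERED_IMAGE, UNALTERED_IMAGE, msg))
    print("unaltered -> altered  :", exchange(UNALTERED_IMAGE, ALTERED_IMAGE, msg))
```

Neither side compares measurements directly; a mismatch shows up only as a failed tag check, which is what isolates an altered node in both directions.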
26 Claims
1. A method for authenticating a node in a distributed computing system, comprising:
(a) altering a message using a predetermined algorithm at a first node, wherein the message is altered so that the message can be subsequently authenticated, and wherein the altering uses a protection key based at least in part on node-specific information of the first node;
(b) sending the altered message to a second node; and
(c) receiving the altered message at the second node;
(d) attempting to authenticate the altered message using the predetermined algorithm, wherein an authentication key is based at least in part on node specific information of the second node.

12. A method for authenticating a node in a distributed computing system, comprising:
(a) validating a host node using a predetermined validation scheme;
(b) encrypting a message using a predetermined key and a predetermined encryption algorithm when the host node is successfully validated in step (a);
(c) sending the encrypted message to a peer node;
(d) receiving the encrypted message at the peer node;
(e) attempting to decrypt the encrypted message using the predetermined key and the predetermined encryption algorithm; and
(f) changing at least one of the predetermined validation scheme, the predetermined encryption key and the predetermined encryption algorithm when a predetermined event occurs.

15. In a distributed computer system, a node that authenticates a peer node based on a received message, comprising:
a protection module for altering messages using a predetermined algorithm that allows each message to be subsequently authenticated, and a protection key based at least in part on node specific information that changes when node software is altered;
an authentication module for authenticating altered messages received from other nodes using the predetermined algorithm and an authentication key based at least in part on the node specific information; and
control logic that permits the node to process a message when the message is successfully authenticated by the authentication module.

26. A computer readable medium storing computer readable instructions that, when executed, cause a computer system to perform a method for authenticating a node, comprising:
comparing elements of a program environment to expected values;
when the comparing step is successful, altering a message to send to a peer node based on a predetermined algorithm; and
changing any of the elements, a protection algorithm, and a protection key in intervals of time shorter than is required to recover the protection algorithm and the protection key and bypass the comparing step.
Specification