Rendering and encryption engine for application program obfuscation

US 20050069131A1
Filed: 09/25/2003
Published: 03/31/2005
Est. Priority Date: 09/25/2003
Status: Active Grant

First Claim

Patent Images

1. A method for application program obfuscation, comprising:

receiving a reference to a decryption algorithm and a first cryptographic key;

creating a key decryption program comprising an instruction stream, said key decryption program configured to perform said decryption algorithm for said first cryptographic key;

applying a cryptographic process to a second cryptographic key together with said first cryptographic key to create an encrypted second cryptographic key;

scrambling said encrypted second cryptographic key into said instruction stream using a code obfuscation method indicated by an obfuscation descriptor, said scrambling creating an obfuscated key decryption program, said obfuscation descriptor based at least in part on a target ID; and

sending said obfuscated key decryption program.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Obfuscation of an application program comprises receiving an obfuscated key decryption program comprising an instruction stream configured to perform a decryption algorithm for a first cryptographic key. The obfuscated key decryption program also has an encrypted second cryptographic key scrambled in its instruction stream. The second cryptographic key is encrypted with the first cryptographic key. The obfuscated key decryption program is executed to decrypt the second cryptographic key. The second cryptographic key is used for decrypting digital content.

114 Citations

View as Search Results

20 Claims

1. A method for application program obfuscation, comprising:
- receiving a reference to a decryption algorithm and a first cryptographic key;
  
  creating a key decryption program comprising an instruction stream, said key decryption program configured to perform said decryption algorithm for said first cryptographic key;
  
  applying a cryptographic process to a second cryptographic key together with said first cryptographic key to create an encrypted second cryptographic key;
  
  scrambling said encrypted second cryptographic key into said instruction stream using a code obfuscation method indicated by an obfuscation descriptor, said scrambling creating an obfuscated key decryption program, said obfuscation descriptor based at least in part on a target ID; and
  
  sending said obfuscated key decryption program.
- View Dependent Claims (2, 3, 4)
- - 2. The method of claim 1, further comprising sending digital content protected by said second cryptographic key.
  - 3. The method of claim 2, further comprising sending said obfuscated key decryption program together with said digital content.
  - 4. The method of claim 1 wherein said target ID comprises a VM ID.

5. A method for application program obfuscation, comprising:
- receiving an obfuscated key decryption program comprising an instruction stream configured to perform a decryption algorithm for a first cryptographic key, said obfuscated decryption program having an encrypted second cryptographic key scrambled in said instruction stream, said second cryptographic key encrypted with said first cryptographic key;
  
  executing said program to decrypt said second cryptographic key; and
  
  decrypting digital content using said second cryptographic key.

6. A program storage device readable by a machine, embodying a program of instructions executable by the machine to perform a method for application program obfuscation, the method comprising:
- receiving a reference to a decryption algorithm and a first cryptographic key;
  
  creating a key decryption program comprising an instruction stream, said key decryption program configured to perform said decryption algorithm for said first cryptographic key;
  
  applying a cryptographic process to a second cryptographic key together with said first cryptographic key to create an encrypted second cryptographic key;
  
  scrambling said encrypted second cryptographic key into said instruction stream using a code obfuscation method indicated by an obfuscation descriptor, said scrambling creating an obfuscated key decryption program, said obfuscation descriptor based at least in part on a target ID; and
  
  sending said obfuscated key decryption program.
- View Dependent Claims (7, 8, 9)
- - 7. The program storage device of claim 6, said method further comprising sending digital content protected by said second cryptographic key.
  - 8. The program storage device of claim 7, said method further comprising sending said obfuscated key decryption program together with said digital content.
  - 9. The program storage device of claim 6 wherein said target ID comprises a VM ID.

10. A program storage device readable by a machine, embodying a program of instructions executable by the machine to perform a method for application program obfuscation, the method comprising:
- receiving an obfuscated key decryption program comprising an instruction stream configured to perform a decryption algorithm for a first cryptographic key, said obfuscated decryption program having an encrypted second cryptographic key scrambled in said instruction stream, said second cryptographic key encrypted with said first cryptographic key;
  
  executing said program to decrypt said second cryptographic key; and
  
  decrypting digital content using said second cryptographic key.

11. An apparatus for application program obfuscation, comprising:
- means for receiving a reference to a decryption algorithm and a first cryptographic key;
  
  means for creating a key decryption program comprising an instruction stream, said key decryption program configured to perform said decryption algorithm for said first cryptographic key;
  
  means for applying a cryptographic process to a second cryptographic key together with said first cryptographic key to create an encrypted second cryptographic key;
  
  means for scrambling said encrypted second cryptographic key into said instruction stream using a code obfuscation method indicated by an obfuscation descriptor, said scrambling creating an obfuscated key decryption program, said obfuscation descriptor based at least in part on a target ID; and
  
  means for sending said obfuscated key decryption program.
- View Dependent Claims (12, 13, 14)
- - 12. The apparatus of claim 11, further comprising means for sending digital content protected by said second cryptographic key.
  - 13. The apparatus of claim 12, further comprising means for sending said obfuscated key decryption program together with said digital content.
  - 14. The apparatus of claim 11 wherein said target ID comprises a VM ID.

15. An apparatus for application program obfuscation, comprising:
- means for receiving an obfuscated key decryption program comprising an instruction stream configured to perform a decryption algorithm for a first cryptographic key, said obfuscated decryption program having an encrypted second cryptographic key scrambled in said instruction stream, said second cryptographic key encrypted with said first cryptographic key;
  
  means for executing said program to decrypt said second cryptographic key; and
  
  means for decrypting digital content using said second cryptographic key.

16. An apparatus for application program obfuscation, comprising an application program provider configured to:
- receive a reference to a decryption algorithm and a first cryptographic key;
  
  create a key decryption program comprising an instruction stream, said key decryption program configured to perform said decryption algorithm for said first cryptographic key;
  
  apply a cryptographic process to a second cryptographic key together with said first cryptographic key to create an encrypted second cryptographic key;
  
  scramble said encrypted second cryptographic key into said instruction stream using a code obfuscation method indicated by an obfuscation descriptor, said scrambling creating an obfuscated key decryption program, said obfuscation descriptor based at least in part on a target ID; and
  
  send said obfuscated key decryption program.
- View Dependent Claims (17, 18, 19)
- - 17. The apparatus of claim 16, said application program provider further configured to send digital content protected by said second cryptographic key.
  - 18. The apparatus of claim 17, said application program provider further configured to send said obfuscated key decryption program together with said digital content.
  - 19. The apparatus of claim 16 wherein said target ID comprises a VM ID.

20. An apparatus for application program obfuscation, comprising a target device configured to:
- receive an obfuscated key decryption program comprising an instruction stream configured to perform a decryption algorithm for a first cryptographic key, said obfuscated decryption program having an encrypted second cryptographic key scrambled in said instruction stream, said second cryptographic key encrypted with said first cryptographic key;
  
  execute said program to decrypt said second cryptographic key; and
  
  decrypt digital content using said second cryptographic key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle America, Inc. (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
de Jong, Eduard K.

Granted Patent

US 8,220,058 B2
Time in Patent Office

Days
Field of Search
US Class Current

380/239
CPC Class Codes

G06F 21/14   against software analysis o...

G06F 2221/2107   File encryption

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 2209/34   Encoding or coding, e.g. Hu...

H04L 2209/60   Digital content management,...

H04L 2209/80   Wireless network architectu...

H04L 9/065   Encryption by serially and ...

H04N 21/2347   involving video stream encr...

H04N 21/25816   involving client authentica...

H04N 21/41407   embedded in a portable devi...

H04N 21/42684   Client identification by a ...

H04N 21/4405   involving video stream decr...

H04N 21/6581   Reference data, e.g. a movi...

H04N 21/8173   End-user applications, e.g....

H04N 7/165   Centralised control of user...

H04N 7/1675   Providing digital key or au...

Rendering and encryption engine for application program obfuscation

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

114 Citations

20 Claims

Specification

Use Cases

Quick Links

Others

Rendering and encryption engine for application program obfuscation

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

114 Citations

20 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others