Method and system for providing tamper-resistant software

US 20060048223A1
Filed: 08/31/2004
Published: 03/02/2006
Est. Priority Date: 08/31/2004
Status: Abandoned Application

First Claim

Patent Images

1. A method of providing tamper-proofing to software of interest, the method comprising:

providing a security-providing section as part of a tamper-resistant device;

providing a centralized service module for managing one or more security-providing sections in response to a request from a parent portion of the software to be protected;

in response to the request from the parent portion, executing, independent of the parent portion, the security-providing section from the tamper-resistant physical device in a dynamic analysis resistant computing environment under the control of the centralized service module; and

exchanging input and output data with the parent via a shared interface provided by the centralized service module.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method and system for protecting only a portion of the software to be protected against tampering is described. Such a portion may be stored in a tamper-resistant physical device, with optional encryption, for downloading when needed for execution. Several layers of tamper resistance are provided without excessively impacting performance of the protected software. For instance, obfuscation is applied to the code for the service module to minimize the large expense associated with obfuscation. The invention includes embodiments that deliver critical logic, policy information and other similar information with the help of mobile agents, which may be hosted by a server in a smart card.

268 Citations

32 Claims

1. A method of providing tamper-proofing to software of interest, the method comprising:
- providing a security-providing section as part of a tamper-resistant device;
  
  providing a centralized service module for managing one or more security-providing sections in response to a request from a parent portion of the software to be protected;
  
  in response to the request from the parent portion, executing, independent of the parent portion, the security-providing section from the tamper-resistant physical device in a dynamic analysis resistant computing environment under the control of the centralized service module; and
  
  exchanging input and output data with the parent via a shared interface provided by the centralized service module.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
- - 2. The method of claim 1, wherein managing of the security-providing sections includes delivery and execution of the security-providing sections.
  - 3. The method of claim 1, further comprising making code for the centralized service module hard to decipher.
  - 4. The method of claim 3, wherein the code for the centralized service module is obfuscated.
  - 5. The method of claim 1, further comprising dividing the software into a parent portion and one or more security-providing sections.
  - 6. The method of claim 5, wherein at least one security-providing section is a critical logic section such that it is required for running the software.
  - 7. The method of claim 1, wherein the security-providing section code is designed to generate output data that is greater than input data.
  - 8. The method of claim 1, wherein code for the security-providing section is one or more of:
    - encrypted;
      
      inclusive of policy information;
      
      stored on a hard-disk in a form opaque to usual file access mechanisms;
      
      stored on the tamper-resistant physical device external to the system where the parent portion is executing; and
      
      stored on a smart card.
  - 9. The method of claim 1, wherein the dynamic analysis resistant computing environment comprises one or more of a smart card, and a JAVA Virtual Machine.
  - 10. The method of claim 9, further comprising authenticating the security-providing section prior to executing code for the security-providing section.
  - 11. The method of claim 10, wherein secret data or a checksum provides a measure of integrity of the code for the security-providing section.

12. A system for providing tamper resistant software, the system comprising:
- a tamper-resistant device for storing critical logic;
  
  a service module having an interface for exchanging input and output data with a plurality of parents; and
  
  a dynamic analysis resistant computing environment for executing a critical logic under control of the service module.
- View Dependent Claims (13, 14)
- - 13. The system of claim 12, wherein the tamper resistant software comprises a parent and at least one critical logic section.
  - 14. The system of claim 12, wherein the tamper-resistant device for storing the critical logic section is one or more of a smart card, a set of hidden memory locations on a hard-disk, and encrypted data on a hard disk.

15. A method for executing tamper proof software, the method comprising:
- implementing a centralized service module with code that has been made hard to decipher;
  
  authenticating a tamper-resistant device;
  
  establishing a secure link between the tamper-resistant device and the centralized service module;
  
  receiving a critical logic from the tamper-resistant device with the aid of the secure link;
  
  executing the critical logic under the control of the centralized service module; and
  
  providing data to a parent via an interface provided by the centralized service module.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The method of claim 15, further comprising executing the centralized service module in a dynamic analysis resistant computing environment.
  - 17. The method of claim 15, further comprising receiving from the parent an indication for obtaining the critical logic.
  - 18. The method of claim 15, further comprising returning the critical logic to the tamper resistant device.
  - 19. The method of claim 18, further comprising destroying all copies of the critical logic under the control of the centralized service module.
  - 20. The method of claim 15, further comprising generating at least one key for encrypting the critical logic and any additional secret information, as part of the secure link, prior to sending the critical logic or the secret information to the centralized service module.
  - 21. The method of claim 15, wherein the critical logic is delivered via a mobile agent hosted by a server on a smart card.

22. A method of providing tamper-resistance to a software package, the method comprising:
- storing at least one critical logic code in a tamper resistant device;
  
  configuring the software package to request the at least one critical logic code for execution under the management of a centralized service module, wherein code for the centralized service module executes in a computing environment resistant to one or more of static and dynamic analysis, wherein the code for the centralized service module has been made hard to decipher; and
  
  configuring the software package to use at least one interface for sending data for or receiving data generated from the execution of the at least one critical logic code.
- View Dependent Claims (23, 24, 25, 26, 27, 28)
- - 23. The method of claim 22, wherein the code for the centralized service module is made hard to decipher by obfuscation.
  - 24. The method of claim 22, wherein execution of the at least one critical logic code is required for execution of the software package.
  - 25. The method of claim 22, wherein the at least one critical logic code is provided by a mobile agent.
  - 26. The method of claim 22, wherein the at least one critical logic code is stored in the tamper-resistant device such as a smart card or as encrypted data on a hard disk.
  - 27. The method of claim 26, wherein the at least one critical logic code is stored together with policy information in the tamper-resistant device, wherein the policy information is used by the centralized service module to decide whether to execute or obtain the at least one critical logic code from the tamper resistant device.
  - 28. The method of claim 22, wherein the computing environment resistant to one or more of static and dynamic analysis for the execution of the centralized service module is a Java Virtual Machine.

29. A centralized service module for managing the execution of code, the centralized service module executing in a computing environment resistant to one or more of static and dynamic analysis and implemented by code that is hard to decipher for static analysis.
- View Dependent Claims (30, 31)
- - 30. The centralized service module of claim 29, wherein the code for the centralized service module is obfuscated during compilation to make it hard to decipher.
  - 31. The centralized service module of claim 29, wherein the computing environment is provided by a Java Virtual Machine.

32. A smart card designed to operate with an external dynamic analysis resistant computing environment with authentication such that obfuscated code for a centralized service module executes in the external dynamic analysis resistant computing environment and the smart card provides at least one critical logic to achieve one or more of a generation of a desired result, operation of a software application, and operation of a software module.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
University of Hong Kong (Government of Hong Kong Special Administrative Region)
Original Assignee
University of Hong Kong (Government of Hong Kong Special Administrative Region)
Inventors
Tong, Frank Chi-Hung, Lau, Francis Chi-Moon, Lee, Michael Chun-To

Application Number

US10/929,941
Publication Number

US 20060048223A1
Time in Patent Office

Days
Field of Search
US Class Current

726/22
CPC Class Codes

G06F 21/14 against software analysis o...

Method and system for providing tamper-resistant software

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

268 Citations

32 Claims

Specification

Solutions

Use Cases

Quick Links

Method and system for providing tamper-resistant software

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

268 Citations

32 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links