Method for Effective Tamper Resistance
First Claim
1. A method for preventing analysis and modification of software content, comprising:
- evolving keys using a one-way function that produces key values within a chosen mathematical subgroup, so that evolved key values will stay within the subgroup unless tampering occurs; and
- regulating software program behavior with the evolved keys.
Abstract
A system, method, and computer program product for preventing a malicious user from analyzing and modifying software content. The one-way functions used in prior art systems using dynamically evolving audit logs or self-modifying applications are replaced with a one-way function based on group theory. With this modification, untampered key evolution will occur inside a defined mathematical group such that all valid key values form a subgroup. However, if the program is altered, the key will evolve incorrectly and will no longer be a member of the subgroup. Once the key value is outside of the subgroup, it is not possible to return it to the subgroup. The present invention provides a limited total number of valid keys. The key evolution points are not restricted to locations along the deterministic path, so the key can be used in various novel ways to regulate the program's behavior, including in non-deterministic execution paths.
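A toy illustration of the subgroup property the abstract describes, added here and not taken from the patent: keys live in the order-11 subgroup of the integers modulo 2311, each checkpoint multiplies the key by an observed value, and membership is tested with x^Q mod P. The group, the parameters, the multiplicative update (a stand-in for the patent's one-way function, and not itself one-way) and all function names are assumptions.

```python
# Added illustration; the group, parameters and update rule are assumptions,
# not taken from the patent text.
P = 2311                  # toy prime, P - 1 = 2 * 3 * 5 * 7 * 11
Q = 11                    # order of the chosen subgroup (the only valid key values)
COFACTOR = (P - 1) // Q   # 210


def subgroup_generator():
    """Return an element of order Q in the multiplicative group mod P."""
    for h in range(2, P):
        g = pow(h, COFACTOR, P)
        if g != 1:
            return g
    raise ValueError("no generator found")


def in_subgroup(x):
    """x lies in the order-Q subgroup iff x^Q == 1 (mod P)."""
    return pow(x, Q, P) == 1


def evolve(key, checkpoint_values):
    """Multiply the key by the value observed at each checkpoint; return the key history."""
    history = [key]
    for v in checkpoint_values:
        key = (key * v) % P
        history.append(key)
    return history


def first_bad_step(history):
    """Index of the first key outside the subgroup, or None if every key is valid."""
    for i, k in enumerate(history):
        if not in_subgroup(k):
            return i
    return None


G = subgroup_generator()
# Constructed sample: values an unmodified program would feed in, all inside the subgroup.
CLEAN = [pow(G, e, P) for e in (3, 7, 2, 9, 5)]
# Constructed sample: the third checkpoint yields 2, which is outside the subgroup
# because 2^11 = 2048 is not 1 mod 2311.
TAMPERED = CLEAN[:2] + [2] + CLEAN[3:]

if __name__ == "__main__":
    print("clean run, first bad step   :", first_bad_step(evolve(G, CLEAN)))
    print("tampered run, first bad step:", first_bad_step(evolve(G, TAMPERED)))
```

After the bad value is absorbed, the later valid checkpoint values only move the key around inside the same coset, so in this model it never re-enters the subgroup. A verifier that only sees the final key can still tell the run was altered.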
36 Claims
1. A method for preventing analysis and modification of software content, comprising:
- evolving keys using a one-way function that produces key values within a chosen mathematical subgroup, so that evolved key values will stay within the subgroup unless tampering occurs; and
- regulating software program behavior with the evolved keys.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15

16. A method for preventing analysis and modification of software content, comprising:
- evolving keys using a one-way function that produces key values within a chosen mathematical subgroup, so that evolved key values will stay within the subgroup unless tampering occurs;
- recording specific software program execution events in a dynamically evolving event log having values dependent on an evolving key and on previous log values; and
- transmitting the event log to a clearinghouse for detection of tampering.
Dependent claims: 17

18. A computer program product comprising a machine-readable storage medium tangibly embodying program instructions thereon for preventing analysis and modification of software content, the instructions comprising:
- a first code means for evolving keys using a one-way function that produces key values within a chosen mathematical subgroup, so that evolved key values will stay within the subgroup unless tampering occurs; and
- a second code means for regulating software program behavior with the evolved keys.
Dependent claims: 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32

33. A product for preventing analysis and modification of software content, comprising:
- evolving keys using a one-way function that produces key values within a chosen mathematical subgroup, so that evolved key values will stay within the subgroup unless tampering occurs;
- recording specific software program execution events in a dynamically evolving event log having values dependent on an evolving key and on previous log values; and
- transmitting the event log to a clearinghouse for detection of tampering.
Dependent claims: 34

35. A system for preventing analysis and modification of software content, comprising:
- means for evolving keys using a one-way function that produces key values within a chosen mathematical subgroup, so that evolved key values will stay within the subgroup unless tampering occurs; and
- means for regulating software program behavior with the evolved keys.

36. (canceled)
Specification