Tamper resistant methods and apparatus
First Claim
1. An apparatus comprising:
- an execution unit for executing programming instructions; and
a storage medium coupled to the execution unit, having stored therein a plurality of programming instruction blocks to be executed by the execution unit during operation, the programming instruction blocks operating on corresponding subparts of a secret distributed among them, and the execution being distributed over a period of time.
1 Assignment
0 Petitions
Accused Products
Abstract
In accordance with a first aspect of the present invention, a security sensitive program that operates with a secret is made tamper resistant by distributing the secret in space as well as in time. In accordance with a second aspect of the present invention, a security sensitive program is made tamper resistant by obfuscating the program. In accordance with a third aspect of the present invention, a security sensitive application is made tamper resistant by isolating its security sensitive functions, and making the isolated security sensitive functions tamper resistant by distributing the secrets of the security sensitive functions in time as well as in space, and/or obfuscating the security sensitive functions. In one embodiment where obfuscation is employed, the pseudo-randomly selected pattern(s) of mutations is (are) unique for each installation. In accordance with a fourth aspect of the present invention, a security sensitive system with security sensitive applications is made further tamper resistant by deploying an interlocking trust mechanism. In accordance with a fifth aspect of the present invention, a content industry association, in conjunction with content manufacturers, content reader manufacturers, and content player manufacturers of the industry jointly implement a coordinated encryption/decryption scheme, with the player apparatus manufactured by the content player manufacturers employing playing software that include tamper resistant decryption functions.
222 Citations
57 Claims
-
1. An apparatus comprising:
-
an execution unit for executing programming instructions; and a storage medium coupled to the execution unit, having stored therein a plurality of programming instruction blocks to be executed by the execution unit during operation, the programming instruction blocks operating on corresponding subparts of a secret distributed among them, and the execution being distributed over a period of time. - View Dependent Claims (2, 3)
-
-
4. A machine implemented method for executing a program that operates on a secret in a tamper resistant manner, the method comprising the steps of:
-
a) executing a first unrolled subprogram of the program at a first point in time, with the first unrolled subprogram operating on a first subpart of the secret; and b) executing a second unrolled subprogram of the program at a second point in time, with the second unrolled subprogram operating on a second subpart of the secret. - View Dependent Claims (5, 6)
-
-
7. An apparatus comprising:
-
an execution unit for executing programming instructions; and a storage medium having stored therein a plurality of programming instructions to be executed by the execution unit during operation, wherein when executed, in response to a secret being provided, the programming instructions partition the secret into a plurality of subparts, and generate a plurality of programming instruction blocks that operate on the subparts. - View Dependent Claims (8, 9)
-
-
10. A machine implemented method for generating a tamper resistant program to operate on a secret, the method comprising the steps of:
-
a) receiving the secret; b) partitioning the secret into a plurality of subparts; and c) generating a plurality of subprograms to correspondingly operate on the subparts of the secret. - View Dependent Claims (11, 12)
-
-
13. An apparatus comprising:
-
an execution unit for executing programming instructions; and a storage medium having stored therein a plurality of programming instruction blocks to be executed by the execution unit, the programming instruction blocks being stored in a mutated form, except for at least one programming instruction block, which is stored in a plaintext for m, wherein the mutated programming instruction blocks are recovered into the plaintext form during execution on an as needed basis. - View Dependent Claims (14, 15, 16, 17, 18)
-
-
19. A machine implemented method for executing a program, the method comprising:
-
a) executing a first of a plurality of subprograms generated to obfuscate the program; b) computing mutation partners for a plurality of memory cells storing the plurality of subprograms, using a key, the subprograms being stored initially in the memory cells in a mutated form, except for at least one memory cell, which is stored initially in a plaintext form; c) mutating the memory cells in accordance with the computed mutation partnering to recover a second of the plurality of subprograms for execution. - View Dependent Claims (20, 21, 22, 23, 24)
-
-
25. An apparatus comprising:
-
an execution unit for executing programming instructions; and a storage medium having stored therein a first plurality of programming instructions to be executed by the execution unit, wherein when executed, in response to a program input, the first plurality of programming instructions generate a plurality of subprograms for the program to obfuscate the program, the subprograms being generated in a mutated form, except for at least one program, which is generated in a plaintext form, the subprograms being further generated with logic to recover the subprograms in plaintext form on an as needed basis. - View Dependent Claims (26, 27, 28, 29, 30, 31, 32, 33, 34, 35)
-
-
36. A machine implemented method for generating a plurality of subprograms for a program to obfuscate the program, the method comprising the steps of:
-
a) analyzing the program for branch flow; b) restructuring and partitioning the program into a plurality of subprograms; and c) determining a schedule in terms of a plurality of memory cells for recovering the subprograms in a plaintext form for execution, and initial state values for the memory cells to store the subprograms in the memory cells in a mutated form, except for at least one subprogram, which is stored in one of the memory cells in the plaintext form. - View Dependent Claims (37, 38, 39, 40, 41, 42)
-
-
43. An apparatus comprising:
-
an execution unit for executing programming instructions; a storage medium having stored therein a first and a second plurality of programming instructions to be executed by the execution unit, the first and second plurality of programming instructions implementing an application with the first plurality of programming instructions implementing a security sensitive function of the application and the second plurality of programming instructions implementing a non-security sensitive function of the application, the first plurality of programming instructions having incorporated a first defensive technique of distributing a secret in space and in time and/or a second defensive technique of obfuscation to render the first plurality of programming instructions virtually unobservable and unmodifiable during execution. - View Dependent Claims (44)
-
-
45. An apparatus comprising:
-
an execution unit for executing programming instructions; a storage medium having stored therein a first, a second, a third, and a fourth plurality of programming instructions to be executed by the execution unit, the first and second plurality of programming instructions implementing a first and a second integrity verification function for a first and a second application respectively, whereas the third and fourth programming instructions implement a third and a fourth integrity verification function for a system integrity verification program, all four pluralities of programming instructions having incorporated defensive techniques rendering them tamper resistant, the four pluralities of programming instructions jointly implementing an interlocking trust mechanism, requiring the first and the second pluralities of programming instructions each to cooperate with both the third and fourth pluralities of programming instructions to complete an integrity verification on the apparatus.
-
-
46. A machine implemented method for verifying integrity on an apparatus, the method comprising the steps of:
-
a) a first and a second tamper resistant integrity verification function of a first and a second application of the apparatus individually requesting a third tamper resistant integrity verification function of a system integrity verification program to jointly perform integrity verification with the first and second tamper resistant integrity verification functions respectively; b) in response, the third tamper resistant integrity verification function calling a fourth tamper resistant integrity verification function of the system integrity verification program to jointly perform the requested integrity verifications; c) the fourth tamper resistant integrity verification function providing the first and the second tamper resistant integrity verification functions with respective results of the requested integrity verifications.
-
-
47. An apparatus comprising:
-
an execution unit for executing programming instructions; a storage medium having stored therein a first and a second plurality of programming instructions to be executed by the execution unit, and a first secret private key, the first and second pluralities of programming instructions implementing a first and a second tamper resistant decryption function respectively, the first tamper resistant decryption function being used for recovering a first public key asymmetric to the first secret private key using a second public key, the first public key having been previously encrypted using a second secret private key asymmetric to the second public key, the second tamper resistant decryption function being used for recovering a content encryption key using the first secret private key, the content encryption key having been previously encrypted using the first public key. - View Dependent Claims (48)
-
-
49. A machine implemented method for recovering content, the method comprising the steps of:
-
a) recovering a first public key using a second public key, the first and second public keys having a first and a second asymmetric private key respectively, the first public key having been previously encrypted by the second private key; b) providing the recovered first public key to be used for encrypting a content encryption key; c) receiving the encrypted content encryption key; and d) recovering the content encryption key using the first private key. - View Dependent Claims (50)
-
-
51. A machine readable storage medium having stored therein a plurality of programming instruction blocks that operates on corresponding subparts of a secret distributed among them, to be executed over a period of time.
-
52. A machine readable storage medium having stored therein a plurality of programming instructions that operates to partition a secret into a plurality of subparts, in response to being provided with the secret, and to generate a plurality of programming instruction blocks that operate on corresponding ones of the subparts.
-
53. A machine readable storage medium having stored therein a plurality of programming instruction blocks stored in a mutated form, except for at least one, which is stored in a plaintext form, wherein the mutated programming instruction blocks are recovered into the plaintext form during execution on an as needed basis, one or more but not all at a time.
-
54. A machine readable storage medium having stored therein a first plurality of programming instructions that operates to generate a plurality of subprograms for a program to obfuscate the program, in response to being provided with the program, the subprograms being generated in a mutated form, except for at least one, which is generated in a plaintext form, the subprograms being further generated with logic to recover the subprograms in plaintext form on an as needed basis, one or more but not all at a time.
-
55. A machine readable storage medium having stored therein a first and a second plurality of programming instructions that implements an application, with the first plurality of programming instructions implementing a security sensitive function of the application and the second plurality of programming instructions implementing a non-security sensitive function of the application, the first plurality of programming instructions having incorporated a first defensive technique of distributing a secret in space and in time and/or a second defensive technique of obfuscation to render the first plurality of programming instructions virtually unobservable and unmodifiable during execution.
-
56. A machine readable storage medium having stored therein a first, a second, a third, and a fourth plurality of programming instructions, wherein the first and second plurality of programming instructions implementing a first and a second integrity verification function for a first and a second application respectively, while the third and fourth programming instructions implementing a third and a fourth integrity verification function for a system integrity verification program, all four pluralities of programming instructions having incorporated defensive techniques rendering them tamper resistant, the four pluralities of programming instructions jointly implementing an interlocking trust mechanism, requiring the first and the second pluralities of programming instructions each to cooperate with both the third and fourth pluralities of programming instructions to complete any integrity verification.
-
57. A machine readable storage medium having stored therein a first and a second plurality of programming instructions, and a first secret private key, wherein the first and second pluralities of programming instructions implementing a first and a second tamper resistant decryption function,
the first tamper resistant decryption function being used for recovering a first public key asymmetric to the first secret private key, using a second public key, the first public key having been previously encrypted using a second secret private key asymmetric to the second public key, the second tamper resistant decryption function being used for recovering a content encryption key using the first secret private key, the content encryption key having been previously encrypted using the first public key.
Specification