System and method for defending against reverse engineering of software, firmware and hardware

US 7,841,009 B1
Filed: 07/11/2005
Issued: 11/23/2010
Est. Priority Date: 07/09/2004
Status: Active Grant

First Claim

Patent Images

1. A method for defending a software against reverse engineering in a target environment comprising:

a server acquiring information associated with said target environment, said acquired information associated with said target environment comprising one or more temporary values and one or more values acquired from a system unrelated to said target environment;

wherein the one or more temporary values comprising one or more just in time values supplied close to a time of use of the one or more just in time values;

generating an obfuscated executable program using a random obfuscating compiler by encrypting said software with said acquired information associated with said target environment;

sending said encrypted software with said acquired information associated with said target environment to an execution environment;

acquiring information associated with said execution environment, said acquired information associated with said execution environment comprising one or more orthogonal values utilized to verify said execution environment is a correct execution environment associated with said target environment;

wherein the one or more orthogonal values are monitored scenario information selectable based on a security level associated with the execution environment;

authenticating said execution environment as the target environment by comparing said acquired information associated with said execution environment with said acquired information associated with said target environment; and

if said two sets of information match, decrypting said encrypted software with said acquired information associated with said execution environment.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A method for defending a software against reverse engineering in a target environment includes acquiring information from the target environment, encrypting the software to be protected with the acquired information, sending the encrypted software with the acquired information to an execution environment, acquiring information from the execution environment, comparing the information from the execution environment with the acquired information from the target environment to authenticate the execution environment as the target environment, and if the two set of information match, decrypting the software to be protected, and if two set of information do not match, destroying said software.

36 Citations

View as Search Results

17 Claims

1. A method for defending a software against reverse engineering in a target environment comprising:
- a server acquiring information associated with said target environment, said acquired information associated with said target environment comprising one or more temporary values and one or more values acquired from a system unrelated to said target environment;
  
  wherein the one or more temporary values comprising one or more just in time values supplied close to a time of use of the one or more just in time values;
  
  generating an obfuscated executable program using a random obfuscating compiler by encrypting said software with said acquired information associated with said target environment;
  
  sending said encrypted software with said acquired information associated with said target environment to an execution environment;
  
  acquiring information associated with said execution environment, said acquired information associated with said execution environment comprising one or more orthogonal values utilized to verify said execution environment is a correct execution environment associated with said target environment;
  
  wherein the one or more orthogonal values are monitored scenario information selectable based on a security level associated with the execution environment;
  
  authenticating said execution environment as the target environment by comparing said acquired information associated with said execution environment with said acquired information associated with said target environment; and
  
  if said two sets of information match, decrypting said encrypted software with said acquired information associated with said execution environment.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15)
- - 2. The method according to claim 1 further comprising:
    - if said two set of information do not match, destroying said software.
  - 3. The method according to claim 1, wherein said step of encrypting said software with said acquired information associated with said target environment comprises generating an obfuscated executable program to incorporate said software with said acquired information associated with said target environment using a random obfuscating compiler.
  - 4. The method according to claim 1, wherein said step of acquiring information associated with said target environment includes acquiring information associated with said target environment through at least one anonymous electronic link, known only by the target environment.
  - 5. The method according to claim 1, wherein said step of acquiring information associated with said target environment further comprises encrypting said acquired information.
  - 6. The method according to claim 1, wherein said step of decrypting said software comprises decrypting said software using a decryption key which is sent to said target environment from a remote location.
  - 7. The method according to claim 6, wherein said decryption key comprises a value, the value being unique to the target environment.
  - 8. The method according to claim 1, further comprising detecting an attack on said decrypted software.
  - 9. The method according to claim 8, wherein said attack comprises:
    - a worm, a loss of power, an explosion, an end of mission, or any combination thereof.
  - 10. The method according to claim 8, further comprising:
    - intercepting a call to one or more system modules based on said detection of said attack; and
      
      preventing access by said intercepted call.
  - 11. The method according to claim 8, further comprising:
    - intercepting a call at a kernel level before execution of said call based on said detection of said attack; and
      
      preventing execution of said intercepted call.
  - 12. The method according to claim 8, wherein said detecting said attack further comprises examining a process list to detect said attack on said decrypted software.
  - 13. The method according to claim 8, further comprising destroying said decrypted software based on said detection of said attack.
  - 14. The method according to claim 8, further comprising storing said detection of said attack.
  - 15. The method according to claim 1, further comprising receiving the one or more orthogonal values from equipment near said execution environment, a person near said execution environment, or any combination thereof.

16. A random obfuscating compiler (ROC) system for defending a software against reverse engineering in a target environment of comprising:
- a server for generating one or more anonymous electronic links for acquiring information associated with the target environment, said one or more anonymous electronic links known only by the target environment, said acquired information associate with said target environment comprising one or more temporary values and one or more values acquired from a system unrelated to said target environment,wherein the one or more temporary values comprising one or more just in time values supplied close to a time of use of the one or more just in time values,wherein said server comprises a compiler for compiling said software to be protected, wherein said software to be protected is encrypted by said acquired information associated with the target environment to generate an obfuscated executable program,wherein said obfuscated executable program is adapted to acquire information associated with an execution environment and authenticate said execution environment as said target environment by comparing said acquired information associated with said execution environment with said acquired information associated with said target environment though said one or more anonymous electronic links, said acquired information associated with said execution environment comprising one or more orthogonal values utilized to verify said execution environment is a correct execution environment associated with said target environmentwherein the one or more orthogonal values are monitored scenario information selectable based on a security level associated with the execution environment.
- View Dependent Claims (17)
- - 17. The system according to claim 16, wherein said obfuscated executable program is adapted to:
    - monitor said software to be protected;
      
      destroy said software based on a software copy detection;
      
      destroy said software based on a termination of said software; and
      
      /or destroy said software based on an attack detection.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
ANGEL Secure Networks, Inc.
Original Assignee
ANGEL Secure Networks, Inc.
Inventors
Smith, Fred
Primary Examiner(s)
Shiferaw; Eleni A

Application Number

US11/178,527
Time in Patent Office

1,961 Days
Field of Search

72/24, 72/23, 726/24, 726/23, 726/22, 726/25, 726/26, 726/17, 713/150, 713/190, 713/194
US Class Current

726/26
CPC Class Codes

G06F 21/14 against software analysis o...

G06F 2221/2143 Clearing memory, e.g. to pr...

System and method for defending against reverse engineering of software, firmware and hardware

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

36 Citations

17 Claims

Specification

Use Cases

Quick Links

Others

System and method for defending against reverse engineering of software, firmware and hardware

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

36 Citations

17 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others