Implementing portable content protection to secure secrets
First Claim
1. An article comprising a non-transitory computer readable medium storing instructions that, when executed by a computer processor-based system, result in:
- developing for a program including one or more data variables, blocks of code, jumps and a secret in a control flow graph indicative of at least one unique variable layout for said one or more data variables;
- compiling the program based on said at least one unique variable layout to obscure said secret while shuffling data across the program during execution;
- identifying said one or more blocks of code as nodes and said one or more jumps as arcs of the control flow graph;
- adding exactly one dummy entry and one dummy exit node to the control flow graph to assign permutations to non-dummy nodes in the control graph; and
- assigning permutations to said dummy entry and dummy exit nodes and marking said nodes as assigned.
Abstract
A source-level compiler may randomly select compilation conventions to implement portable content protection, securing the secrets embedded in a program by shuffling associated data. The program may be developed using a source language that is applicative on the associated data. To obscure the embedded secrets, in one embodiment, pre-compiler software may be deployed for compiling the program in a random-execution-order based on a random seed indication that randomly selects compilation conventions and a shuffling algorithm that moves the associated data across the program during execution.
3 Claims
Specification