PROVISION OF FUNCTIONALITY VIA OBFUSCATED SOFTWARE

US 20080229115A1
Filed: 03/16/2007
Published: 09/18/2008
Est. Priority Date: 03/16/2007
Status: Abandoned Application

First Claim

Patent Images

1. A software obfuscation method comprising:

encrypting a software portion, wherein;

the software portion is encrypted utilizing a cryptographic key; and

the software portion is executable;

generating a first obfuscated portion comprising the encrypted software portion;

encrypting the cryptographic key, wherein;

the cryptographic key is encrypted utilizing a public key of a public/private cryptographic key pair comprising the public key and a private key;

generating a second obfuscated portion comprising the encrypted cryptographic key;

generating an obfuscated file comprising the first obfuscated portion and the second obfuscated portion; and

storing the obfuscated file.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In an example embodiment, executable files are individually encrypted utilizing a symmetric cryptographic key. For each user to be given access to the obfuscated file, the symmetric cryptographic key is encrypted utilizing a public key of a respective public/private key pair. A different public key/private key pair is utilized for each user. Obfuscated files are formed comprising the encrypted executable files and a respective encrypted symmetric cryptographic key. The private keys of the public/private key pairs are stored on respective smart cards. The smart cards are distributed to the users. When a user wants to invoke the functionality of an obfuscated file, the user provides the private key via his/her smart card. The private key is retrieved and is utilized to decrypt the appropriate portion of the obfuscated file. The symmetric cryptographic key obtained therefrom is utilized to decrypt the encrypted executable file.

58 Citations

View as Search Results

20 Claims

1. A software obfuscation method comprising:
- encrypting a software portion, wherein;
  
  the software portion is encrypted utilizing a cryptographic key; and
  
  the software portion is executable;
  
  generating a first obfuscated portion comprising the encrypted software portion;
  
  encrypting the cryptographic key, wherein;
  
  the cryptographic key is encrypted utilizing a public key of a public/private cryptographic key pair comprising the public key and a private key;
  
  generating a second obfuscated portion comprising the encrypted cryptographic key;
  
  generating an obfuscated file comprising the first obfuscated portion and the second obfuscated portion; and
  
  storing the obfuscated file.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. A method in accordance with claim 1, further comprising storing the private key on a storage device.
  - 3. A method in accordance with claim 2, wherein the obfuscated file is stored on a processor, the method further comprising:
    - retrieving, by the processor from the storage device, the private key;
      
      decrypting the second obfuscated portion utilizing the retrieved private key;
      
      obtaining a decrypted cryptographic key from the decrypted second obfuscated portion; and
      
      decrypting the encrypted software portion utilizing the obtained, decrypted cryptographic key.
  - 4. A method in accordance with claim 2, wherein the storage device comprises a smart card.
  - 5. A method in accordance with claim 1, wherein the cryptographic key comprises a symmetric cryptographic key.
  - 6. A method in accordance with claim 1, wherein:
    - the first obfuscated portion further comprises a plurality of software portions;
      
      each of the plurality of software portions is encrypted utilizing the cryptographic key; and
      
      each of the plurality of software portions is executable.
  - 7. A method in accordance with claim 1, further comprising:
    - encrypting the cryptographic key a plurality of times to generate the second obfuscated portion, wherein;
      
      the cryptographic key is encrypted a plurality of times utilizing a respective public key of a respective plurality of public/private cryptographic key pairs comprising respectively, a plurality of public keys and a plurality of private keys; and
      
      storing the plurality of private keys on a respective plurality of storage devices, such that each one of the plurality of storage devices contains at least one private key of the plurality of public/private cryptographic key pairs stored thereon.
  - 8. A method in accordance with claim 1, wherein:
    - a plurality of software portions is encrypted to form the first obfuscated portion;
      
      each of the plurality of software portions is encrypted utilizing a respective cryptographic key of a respective plurality of cryptographic keys;
      
      each of the plurality of software portions is executable; and
      
      the second obfuscated portion comprises each one of the plurality of cryptographic keys encrypted utilizing the public key.
  - 9. A method in accordance with claim 1, wherein:
    - a plurality of software portions is encrypted to form the first obfuscated portion;
      
      each of the plurality of software portions is encrypted utilizing a respective cryptographic key of a respective plurality of cryptographic keys;
      
      each of the plurality of software portions is executable;
      
      the second obfuscated portion comprises each of the plurality of cryptographic keys encrypted utilizing a respective public key of a respective plurality of public/private cryptographic key pairs comprising respectively, a plurality of public keys and a plurality of private keys; and
      
      each of the plurality of private keys is stored on a respective plurality of storage devices, such that each one of the plurality of storage devices contains at least one private key of the plurality of public/private cryptographic key pairs stored thereon.
  - 10. A method in accordance with claim 1, wherein:
    - the second obfuscated portion further comprises at least one of a hash value, a salt, information pertaining to the software portion, the public key; and
      
      the at least one of the hash value, the salt, the information pertaining to the software portion, the public key is encrypted utilizing the public key.

11. A software obfuscation system comprising:
- a processing portion configured to;
  
  encrypt a software portion, wherein;
  
  the software portion is encrypted utilizing a cryptographic key; and
  
  the software portion is executable;
  
  generate a first obfuscated portion comprising the encrypted software portion;
  
  encrypt the cryptographic key, wherein;
  
  the cryptographic key is encrypted utilizing a public key of a public/private cryptographic key pair comprising the public key and a private key;
  
  generate a second obfuscated portion comprising the encrypted cryptographic key; and
  
  generate an obfuscated file comprising the first obfuscated portion and the second obfuscated portion; and
  
  a first memory portion configured to store the obfuscated file; and
  
  a second memory portion configured to store the private key.
- View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
- - 12. A system in accordance with claim 11, wherein the second memory portion comprises a smart card.
  - 13. A system in accordance with claim 11, wherein the cryptographic key comprises a symmetric cryptographic key.
  - 14. A system in accordance with claim 11, wherein:
    - the first obfuscated portion further comprises a plurality of software portions;
      
      each of the plurality of software portions is encrypted utilizing the cryptographic key; and
      
      each of the plurality of software portions is executable.
  - 15. A system in accordance with claim 11, wherein the processing portion is further configured to:
    - encrypt the cryptographic key a plurality of times to generate the second obfuscated portion, wherein the cryptographic key is encrypted a plurality of times utilizing a respective public key of a respective plurality of public/private cryptographic key pairs comprising respectively, a plurality of public keys and a plurality of private keys; and
      
      store the plurality of private keys on a respective plurality of storage devices, such that each one of the plurality of storage devices contains a single private key stored thereon.
  - 16. A system in accordance with claim 11, the processing portion further configured to encrypt a plurality of software portions to form the first obfuscated portion, wherein:
    - each of the plurality of software portions is encrypted utilizing a respective cryptographic key of a respective plurality of cryptographic keys;
      
      each of the plurality of software portions is executable; and
      
      the second obfuscated portion comprises each one of the plurality of cryptographic keys encrypted utilizing the public key.
  - 17. A system in accordance with claim 11, the processing portion further configured to encrypt a plurality of software portions to form the first obfuscated portion, wherein:
    - each of the plurality of software portions is encrypted utilizing a respective cryptographic key of a respective plurality of cryptographic keys;
      
      each of the plurality of software portions is executable;
      
      the second obfuscated portion comprises each of the plurality of cryptographic keys encrypted utilizing a respective public key of a respective plurality of public/private cryptographic key pairs comprising respectively, a plurality of public keys and a plurality of private keys; and
      
      each of the plurality of private keys is stored on a respective plurality of storage devices, such that each one of the plurality of storage devices contains at least one private key of the plurality of public/private cryptographic key pairs stored thereon.
  - 18. A system in accordance with claim 11, wherein:
    - the second obfuscated portion further comprises at least one of a hash value, a salt, information pertaining to the software portion, the public key; and
      
      the at least one of the hash value, the salt, the information pertaining to the software portion, the public key is encrypted utilizing the public key.

19. A computer-readable medium having stored thereon computer-executable instruction for software obfuscation by performing the steps of:
- encrypting a software portion, wherein;
  
  the software portion is encrypted utilizing a cryptographic key; and
  
  the software portion is executable;
  
  generating a first obfuscated portion comprising the encrypted software portion;
  
  encrypting the cryptographic key, wherein;
  
  the cryptographic key is encrypted utilizing a public key of a public/private cryptographic key pair comprising the public key and a private key;
  
  generating a second obfuscated portion comprising the encrypted cryptographic key;
  
  generating an obfuscated file comprising the first obfuscated portion and the second obfuscated portion; and
  
  storing the private key on a storage device.
- View Dependent Claims (20)
- - 20. A computer-readable medium in accordance with claim 19, the computer-executable instructions further for:
    - retrieving the private key;
      
      decrypting the second obfuscated portion utilizing the retrieved private key;
      
      obtaining a decrypted cryptographic key from the decrypted second obfuscated portion; and
      
      decrypting the encrypted software portion utilizing the obtained, decrypted cryptographic key.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Ben-Zvi, Nir, Ide, Nathan Jeffrey, Dhillon, Karan Singh, Wollnik, Matthias Hermann, Bostanci, Hakki Tunc, Goldsmid, Aaron, McDowell, John Richard, Linsley, David John

Application Number

US11/687,252
Publication Number

US 20080229115A1
Time in Patent Office

Days
Field of Search
US Class Current

713/190
CPC Class Codes

G06F 21/14   against software analysis o...

H04L 2209/16   Obfuscation or hiding, e.g....

H04L 9/0825   using asymmetric-key encryp...

PROVISION OF FUNCTIONALITY VIA OBFUSCATED SOFTWARE

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

58 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

PROVISION OF FUNCTIONALITY VIA OBFUSCATED SOFTWARE

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

58 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links