Interleaved data and instruction streams for application program obfuscation

US 7,424,620 B2
Filed: 09/25/2003
Issued: 09/09/2008
Est. Priority Date: 09/25/2003
Status: Active Grant

First Claim

Patent Images

1. A method for executing an obfuscated application program, the method comprising:

receiving, on a user device, an obfuscated application program that comprises application program instructions and application program data;

determining, in said user device during said execution of said obfuscated application, an application program instruction location permutation to apply to a current instruction counter value;

determining, in said user device during said execution of said obfuscated application, an application program data location permutation to apply to a current data location counter value;

receiving, in said user device during said execution of said obfuscated application, said current instruction counter value;

applying, in said user device during said execution of said obfuscated application, said application program instruction location permutation to said current instruction counter value to obtain a first reference to an application program instruction, in an instruction stream, to execute;

if said application program instruction references application program data, applying, in said user device during said execution of said obfuscated application, said application program data location permutation to data referenced by said application program instruction to obtain a second reference to data to access, said data to access interleaved with application program instructions in said instruction stream; and

executing, in said user device during said execution of said obfuscated application, said application program instruction.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Executing an obfuscated application program comprises receiving an application program comprising application program instructions and application program data, determining an application program instruction location permutation to apply to a current instruction counter value, determining an application program data location permutation to apply to a current data location counter value, receiving the current instruction counter value, and applying the application program instruction location permutation to the current instruction counter value to obtain a reference to an application program instruction in an instruction stream to execute. If the application program instruction references application program data, the application program data location permutation is applied to data referenced by the application program instruction to obtain a reference to data to access. The data to access is interleaved with application program instructions in the instruction stream. The application program instruction is then executed.

118 Citations

View as Search Results

52 Claims

1. A method for executing an obfuscated application program, the method comprising:
- receiving, on a user device, an obfuscated application program that comprises application program instructions and application program data;
  
  determining, in said user device during said execution of said obfuscated application, an application program instruction location permutation to apply to a current instruction counter value;
  
  determining, in said user device during said execution of said obfuscated application, an application program data location permutation to apply to a current data location counter value;
  
  receiving, in said user device during said execution of said obfuscated application, said current instruction counter value;
  
  applying, in said user device during said execution of said obfuscated application, said application program instruction location permutation to said current instruction counter value to obtain a first reference to an application program instruction, in an instruction stream, to execute;
  
  if said application program instruction references application program data, applying, in said user device during said execution of said obfuscated application, said application program data location permutation to data referenced by said application program instruction to obtain a second reference to data to access, said data to access interleaved with application program instructions in said instruction stream; and
  
  executing, in said user device during said execution of said obfuscated application, said application program instruction.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The method of claim 1 wherein said application program data comprises at least one cryptographic key for use in decrypting data.
  - 3. The method of claim 1 wherein at least some of said data to access is formatted to appear like one or more valid instructions.
  - 4. The method of claim 1 wherein at least some of said data to access comprises randomized data.
  - 5. The method of claim 4 wherein said randomized data is formatted to appear like one or more valid instructions.
  - 6. The method of claim 1, further comprising:
    - determining, in said user device during said execution of said obfuscated application, whether there is another application program instruction to be executed;
      
      advancing, in said user device during said execution of said obfuscated application, said current instruction counter if there is another application program instruction to be executed; and
      
      repeating, in said user device during said execution of said obfuscated application, said receiving said current instruction counter value, said transformings and said executing after said advancing.

7. A method for application program obfuscation, the method comprising:
- reading, at an application program provider, a first application program comprising application program instructions and application program data wherein execution of said first application program itself provides a service;
  
  determining, at said application program provider, an application program instruction location permutation;
  
  determining, at said application program provider, a memory storage location for at least one application program instruction of said first application program;
  
  transforming, at said application program provider, said memory storage location using said application program instruction location permutation to generate an obfuscated application program having at least one application program instruction stored at a memory location that is based at least in part on a permutation of the memory storage location of said at least one application program instruction in said first application program;
  
  determining, at said application program provider, an application program data location permutation;
  
  determining, at said application program provider, a memory storage location for at least one datum of said first application program;
  
  transforming, at said application program provider, said storage memory location of said at least one datum using said application program data location permutation to generate in said obfuscated application program, at least one application program datum stored at a memory location that is based at least in part on a permutation of the memory storage location of said at least one datum in said first application program,wherein said transforming using said application program instruction location permutation and said transforming using said application program data location permutation creates an instruction stream for said obfuscated application program having application program data interspersed with application program instructions; and
  
  sending, at said application program provider, said obfuscated application program.
- View Dependent Claims (8, 9, 10, 11, 12, 13)
- - 8. The method of claim 7 wherein said application program data comprises at least one cryptographic key for use in decrypting data.
  - 9. The method of claim 7 wherein at least some of said data to access is formatted to appear like one or more valid instructions.
  - 10. The method of claim 7 wherein at least some of said data to access comprises randomized data.
  - 11. The method of claim 10 wherein said randomized data is formatted to appear like one or more valid instructions.
  - 12. The method of claim 7, further comprising receiving an application program request from a user device, said determining occurring in response to said receiving.
  - 13. The method of claim 7 wherein said method further comprises:
    - applying, following completion of said transformings, a cryptographic process to said obfuscated application program together with a cryptographic key to create an encrypted obfuscated application program; and
      
      said sending comprises sending said encrypted obfuscated application program.

14. A program storage device comprising a computer readable medium having embodied therein computer readable instructions, wherein execution of said computer readable instructions results in a method for executing an obfuscated application program, the method comprising:
- receiving, on a user device, an obfuscated application program that comprises application program instructions and application program data;
  
  determining, in said user device during said execution of said obfuscated application, an application program instruction location permutation to apply to a current instruction counter value;
  
  determining, in said user device during said execution of said obfuscated application, an application program data location permutation to apply to a current data location counter value;
  
  receiving, in said user device during said execution of said obfuscated application, said current instruction counter value;
  
  applying, in said user device during said execution of said obfuscated application, said application program instruction location permutation to said current instruction counter value to obtain a first reference to an application program instruction, in an instruction stream, to execute;
  
  if said application program instruction references application program data, applying, in said user device during said execution of said obfuscated application, said application program data location permutation to data referenced by said application program instruction to obtain a second reference to data to access, said data to access interleaved with application program instructions in said instruction stream; and
  
  executing, in said user device during said execution of said obfuscated application, said application program instruction.
- View Dependent Claims (15, 16, 17, 18, 19)
- - 15. The program storage device of claim 14 wherein said application program data comprises at least one cryptographic key for use in decrypting data.
  - 16. The program storage device of claim 14 wherein at least some of said data to access is formatted to appear like one or more valid instructions.
  - 17. The program storage device of claim 14 wherein at least some of said data to access comprises randomized data.
  - 18. The program storage device of claim 17 wherein said randomized data is formatted to appear like one or more valid instructions.
  - 19. The program storage device of claim 14, said method further comprising:
    - determining, in said user device during said execution of said obfuscated application, whether there is another application program instruction to be executed;
      
      advancing, in said user device during said execution of said obfuscated application, said current instruction counter if there is another application program instruction to be executed; and
      
      repeating, in said user device during said execution of said obfuscated application, said receiving said current instruction counter value, said transformings and said executing after said advancing.

20. A program storage device comprising a computer readable medium having embodied therein computer readable instructions, wherein execution of said computer readable instructions results in a method for application program obfuscation, the method comprising:
- reading, at an application program provider, a first application program comprising application program instructions and application program data wherein execution of said first application program itself provides a service;
  
  determining, at said application program provider, an application program instruction location permutation;
  
  determining, at said application program provider, a memory storage location for at least one application program instruction of said first application program;
  
  transforming, at said application program provider, said memory storage location using said application program instruction location permutation to generate an obfuscated application program having at least one application program instruction stored at a memory location that is based at least in part on a permutation of the memory storage location of said at least one application program instruction in said first application program;
  
  determining, at said application program provider, an application program data location permutation;
  
  determining, at said application program provider, a memory storage location for at least one datum of said first application program;
  
  transforming, at said application program provider, said storage memory location of said at least one datum using said application program data location permutation to generate in said obfuscated application program, at least one application program datum stored at a memory location that is based at least in part on a permutation of the memory storage location of said at least one datum in said first application program,wherein said transforming using said application program instruction location permutation and said transforming using said application program data location permutation creates an instruction stream for said obfuscated application program having application program data interspersed with application program instructions; and
  
  sending, at said application program provider, said obfuscated application program.
- View Dependent Claims (21, 22, 23, 24, 25, 26)
- - 21. The program storage device of claim 20 wherein said application program data comprises at least one cryptographic key for use in decrypting data.
  - 22. The program storage device of claim 20 wherein at least some of said data to access is formatted to appear like one or more valid instructions.
  - 23. The program storage device of claim 20 wherein at least some of said data to access comprises randomized data.
  - 24. The program storage device of claim 23 wherein said randomized data is formatted to appear like one or more valid instructions.
  - 25. The program storage device of claim 20, said method further comprising receiving an application program request from a user device, said determining occurring in response to said receiving.
  - 26. The program storage device of claim 20 whereinsaid method further comprises:
    - applying, following completion of said transformings, a cryptographic process to said obfuscated application program together with a cryptographic key to create an encrypted obfuscated application program; and
      
      said sending comprises sending said encrypted obfuscated application program.

27. An apparatus for executing an obfuscated application program, the apparatus comprising:
- means for receiving, on a user device, an obfuscated application program that comprises application program instructions and application program data;
  
  means for determining, in said user device during said execution of said obfuscated application, an application program instruction location permutation to apply to a current instruction counter value;
  
  means for determining, in said user device during said execution of said obfuscated application, an application program data location permutation to apply to a current data location counter value;
  
  means for receiving, in said user device during said execution of said obfuscated application, said current instruction counter value;
  
  means for applying, in said user device during said execution of said obfuscated application, said application program instruction location permutation to said current instruction counter value to obtain a first reference to an application program instruction, in an instruction stream, to execute;
  
  means for, if said application program instruction references application program data, applying, in said user device during said execution of said obfuscated application, said application program data location permutation to data referenced by said application program instruction to obtain a second reference to data to access, said data to access interleaved with application program instructions in said instruction stream; and
  
  means for executing, in said user device during said execution of said obfuscated application, said application program instruction.
- View Dependent Claims (28, 29, 30, 31, 32)
- - 28. The apparatus of claim 27 wherein said application program data comprises at least one cryptographic key for use in decrypting data.
  - 29. The apparatus of claim 27 wherein at least some of said data to access is formatted to appear like one or more valid instructions.
  - 30. The apparatus of claim 27 wherein at least some of said data to access comprises randomized data.
  - 31. The apparatus of claim 30 wherein said randomized data is formatted to appear like one or more valid instructions.
  - 32. The apparatus of claim 27, further comprising:
    - means for determining, in said user device during said execution of said obfuscated application, whether there is another application program instruction to be executed;
      
      means for advancing, in said user device during said execution of said obfuscated application, said current instruction counter if there is another application program instruction, to be executed; and
      
      means for repeating, in said user device during said execution of said obfuscated application, said receiving said current instruction counter value, said transformings and said executing after said advancing.

33. An apparatus for application program obfuscation, the apparatus comprising:
- means for reading, at an application program provider, a first application program comprising application program instructions and application program data wherein execution of said first application program itself provides a service;
  
  means for determining, at said application program provider, an application program instruction location permutation;
  
  means for determining, at said application program provider, a memory storage location for at least one application program instruction of said first application program;
  
  means for transforming, at said application program provider, said memory storage location using said application program instruction location permutation to generate an obfuscated application program having at least one application program instruction stored at a memory location that is based at least in part on a permutation of the memory storage location of said at least one application program instruction in said first application program;
  
  means for determining, at said application program provider, an application program data location permutation;
  
  means for determining,, at said application program provider, a memory storage location for at least one datum of said first application program;
  
  means for transforming, at said application program provider, said storage memory location of said at least one datum using said application program data location permutation to generate in said obfuscated application program, at least one application program datum stored at a memory location that is based at least in part on a permutation of the memory storage location of said at least one datum in said first application program,wherein said means for transforming using said application program instruction location permutation and said means for transforming using said application program data location permutation creates an instruction stream for said obfuscated application program having application program data interspersed with application program instructions; and
  
  means for sending, at said application program provider, said obfuscated application program.
- View Dependent Claims (34, 35, 36, 37, 38, 39)
- - 34. The apparatus of claim 33 wherein said application program data comprises at least one cryptographic key for use in decrypting data.
  - 35. The apparatus of claim 33 wherein at least some of said data to access is formatted to appear like one or more valid instructions.
  - 36. The apparatus of claim 33 wherein at least some of said data to access comprises randomized data.
  - 37. The apparatus of claim 36 wherein said randomized data is formatted to appear like one or more valid instructions.
  - 38. The apparatus of claim 33, said apparatus further configured to receive an application program request from a user device, said determining occurring in response to said receiving.
  - 39. The apparatus of claim 33 wherein said apparatus further comprises:
    - means for applying, following completion of said transformings, a cryptographic process to said obfuscated application program together with a cryptographic key to create an encrypted obfuscated application program; and
      
      said means for sending comprises means for sending said encrypted obfuscated application program.

40. An apparatus for executing an obfuscated application program, the apparatus comprising a user device configured to:
- receive, on said user device, an obfuscated application program that comprises application program instructions and application program data;
  
  determine, in said user device during said execution of said obfuscated application, an application program instruction location permutation to apply to a current instruction counter value;
  
  determine, in said user device during said execution of said obfuscated application, an application program data location permutation to apply to a current data location counter value;
  
  receive, in said user device during said execution of said obfuscated application, said current instruction counter value;
  
  apply, in said user device during said execution of said obfuscated application, said application program instruction location permutation to said current instruction counter value to obtain a first reference to an application program instruction, in an instruction stream, to execute;
  
  apply, in said user device during said execution of said obfuscated application, said application program data location permutation to data referenced by said application program instruction to obtain a second reference to data to access, said data to access interleaved with application program instructions in said instruction stream; and
  
  execute, in said user device during said execution of said obfuscated application, said application program instruction.
- View Dependent Claims (41, 42, 43, 44, 45)
- - 41. The apparatus of claim 40 wherein said application program data comprises at least one cryptographic key for use in decrypting data.
  - 42. The apparatus of claim 40 wherein at least some of said data to access is formatted to appear like one or more valid instructions.
  - 43. The apparatus of claim 40 wherein at least some of said data to access comprises randomized data.
  - 44. The apparatus of claim 43 wherein said randomized data is formatted to appear like one or more valid instructions.
  - 45. The apparatus of claim 40, said user device further configured to:
    - determine, in said user device during said execution of said obfuscated application, whether there is another application program instruction to be executed;
      
      advance, in said user device during said execution of said obfuscated application, said current instruction counter if there is another application program instruction to be executed; and
      
      repeat, in said user device during said execution of said obfuscated application, said receiving said current instruction counter value, said transformings and said executing after said advancing.

46. An apparatus for application program obfuscation, the apparatus comprising an application program provider configured to:
- read, at said application program provider, a first application program comprising application program instructions and application program data wherein execution of said first application program itself provides a service;
  
  determine, at said application program provider, an application program instruction location permutation;
  
  determine, at said application program provider, a memory storage location for at least one application program instruction of said first application program;
  
  transform, at said application program provider, said memory storage location using said application program instruction location permutation to generate an obfuscated application program having at least one application program instruction stored at a memory location that is based at least in part on a permutation of the memory storage location of said at least one application program instruction in said first application program;
  
  determine, at said application program provider, an application program data location permutation;
  
  determine, at said application program provider, a memory storage location for at least one datum of said first application program;
  
  transform, at said application program provider, said storage memory location of said at least one datum using said application program data location permutation to generate in said obfuscated application program, at least one application program datum stored at a memory location that is based at least in part on a permutation of the memory storage location of said at least one datum in said first application program,wherein said transforming using said application program instruction location permutation and said transforming using said application program data location permutation creates an instruction stream for said obfuscated application program having application program data interspersed with application program instructions; and
  
  send, at said application program provider, said obfuscated application program.
- View Dependent Claims (47, 48, 49, 50, 51, 52)
- - 47. The apparatus of claim 46 wherein said application program data comprises at least one cryptographic key for use in decrypting data.
  - 48. The apparatus of claim 46 wherein at least some of said data to access is formatted to appear like one or more valid instructions.
  - 49. The apparatus of claim 46 wherein at least some of said data to access comprises randomized data.
  - 50. The apparatus of claim 49 wherein said randomized data is formatted to appear like one or more valid instructions.
  - 51. The apparatus of claim 46, said application program provider further configured to receive an application program request from a user device, said determining occurring in response to said receiving.
  - 52. The apparatus of claim 46 wherein said application program provider is further configured to:
    - apply, following completion of said transformings, a cryptographic process to said obfuscated application program together with a cryptographic key to create an encrypted obfuscated application program; and
      
      said application program provider is further configured to send said encrypted obfuscated application program.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle America, Inc. (Oracle Corporation)
Original Assignee
Sun Microsystems Incorporated (Oracle Corporation)
Inventors
de Jong, Eduard K.
Primary Examiner(s)
Moazzami; Nasser
Assistant Examiner(s)
Cervetti; David Garcia

Application Number

US10/673,021
Publication Number

US 20050071664A1
Time in Patent Office

1,811 Days
Field of Search

713/189, 713/194, 713/190
US Class Current

713/190
CPC Class Codes

G06F 21/14 against software analysis o...

Interleaved data and instruction streams for application program obfuscation

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

118 Citations

52 Claims

Specification

Solutions

Use Cases

Quick Links

Interleaved data and instruction streams for application program obfuscation

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

118 Citations

52 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links