Upload
dillan
View
60
Download
1
Embed Size (px)
DESCRIPTION
Security Protection of Software Programs by Information Sharing and Authentication Techniques Using Invisible ASCII Control Codes. Authors : I-Shi Lee and Wen-Hsiang Tsai Source : International Journal of Network Security, vol. 10, no. 1, pp. 1-10, 2010 - PowerPoint PPT Presentation
Citation preview
Security Protection of Software Programs by Information Sharing and Authentication
Techniques Using Invisible ASCII Control Codes
Authors : I-Shi Lee and Wen-Hsiang TsaiSource : International Journal of Network Security, vol. 10, no. 1, pp. 1-10, 2010Presenter : Ping-Kun Hsu (許鈵昆 )Date : 11/26/2010
2
Outline Introduction ASCII control codes The proposed method Experimental result Conclusions
3
Introduction Goals
Information Sharing Authentication
Related Works Invisible Character Coding Table Exclusive-OR
4
ASCII control codes(1/2)
Hex Char Hex Char Hex Char Hex Char
0 NUL 8 BS 10 DLE 18 CAN
1 SOH 9 HT 11 DC1 19 EM
2 STX A LF 12 DC2 1A SUB
3 ETX B VT 13 DC3 1B ESC
4 EOT C FF 14 DC4 1C FS
5 ENQ D CR 15 NAK 1D GS
6 ACK E SO 16 SYN 1E RS
7 BEL F SI 17 ETB 1F US
invisible in the comments or characters string of VC++ programs
5
ASCII control codes(2/2)
6
The proposed method(1/8) Invisible Character Coding Table
Hex Invisible ASCII Code Bit Pair
1C FS 00
1D GS 01
1E RS 10
1F US 11
The proposed method(2/8) Flow Chat
7
Secret program Camouflage programs Secret random key
⊕ ⊕
Shares
Authentication signs
Stego-programs
Invisible Character Coding Table
The proposed method(3/8) Creating shares from the secret program
Ss : Secret program string Pk: Camouflage program, , k = 1, 2, … , n Sk: Camouflage programs string, k = 1, 2, …, n Y’: The expanded key Ek: The shares, k = 1, 2, …, n
8
S1 S2 S3 Sn-1 Sn Ss⊕ ⊕ ⊕ ⊕‧‧‧ ⊕ ⊕⊕ Y’
E E1 E2 En-1 E3 En‧‧‧
= E
Pk = c1c2c3 … Sk
9
The proposed method(4/8) Generating authentication signs
Sk: Camouflage programs string, k = 1 ,2, …, n Ek: The shares, k = 1, 2, …, n Ak: The authentication signs, k = 1, 2, … ,n Y : The secret random key
Sk
Ek
Y
= (ABC)16 =(65 66 67)10
= (10101010)2 = (170)10
= (DEF)16 =(68 69 70)10
65+66+67 mod 170 = 28
68+69+70 mod 170 = 37
00011100 00100101 = Ak
10
The proposed method(5/8) Encoding and hiding the shares and signs
Ek: The shares, k = 1, 2,…, n Ak: The authentication signs, k = 1, 2,… , n Fk: Binary string, k = 1, 2,… , n Pk: Camouflage program, , k = 1, 2, … , n Pk’: Stego-programs, k = 1, 2, … , n
Ek Ak Fk = ||
= 01000100 01000101 01000110 00011100 00100101
Invisible character coding table
1D1C1D1C 1D1C1D1D 1D1C1D1E 1C1D1F1C 1C1E1D1D
Pk Pk’
11
The proposed method(6/8) Extracting hidden shares and signs
Ek: The shares, k = 1, 2,…, n Ak: The authentication signs, k = 1, 2,… , n Fk’: The extracted character string, k = 1, 2,… , n Pk: Camouflage program, , k = 1, 2, … , n Pk’: Stego-programs, k = 1, 2, … , n
Pk’ Pk
1D1C1D1C 1D1C1D1D 1D1C1D1E 1C1D1F1C 1C1E1D1D
= Fk’||
Invisible character coding table
Fk’ =
01000100 01000101 01000110 00011100 00100101
Ek Ak
The proposed method(7/8) Authenticating
Ek: The shares, k = 1, 2,…, n Ak’: The authentication signs, k = 1, 2,… , n Pk: Camouflage program, , k = 1, 2, … , n Sk: Camouflage programs string, k = 1, 2, …, n Y : The secret random key
12
=00011100 00100101 Ak’
Ak = 00011100 00100101 Pk = c1c2c3 … Sk
Sk
Ek
= (ABC)16 =(65 66 67)10
= (DEF)16 =(68 69 70)10
65+66+67 mod 170 = 28
68+69+70 mod 170 = 37
Y = (10101010)2 = (170)10 00011100 00100101 = Ak’
13
The proposed method(8/8) Recovering the secret program
Ss : Secret program string Sk: Camouflage programs string, k = 1, 2, …, n Y’: The expanded key Ek: The shares, k = 1, 2, …, n
E E1 E2 En-1 E3 En‧‧‧|| || || || =
Ss⊕ S1 S2 S3 Sn-1 Sn
⊕ ⊕ ⊕ ⊕‧‧‧ ⊕ ⊕ Y’= E
14
Experimental result
15
Conclusions The proposed method may decrease the
doubts of malicious attackers.
The proposed method may be extended to deal with web pages.