Upload
clement-martin
View
214
Download
1
Embed Size (px)
Citation preview
Software Obfuscation from Crackers’ viewpoint
Y, Hiroki; K, Yuichiro; M Akito, N Masahide; M Ken-ichi
Proceedings of the IASTED International Conference
ADVANCES IN COMPUTER SCIENCE AND TECHNOLOGY
January 23-25, 2006, Puerto Vallarta, Mexico
Presented by Justin Nguyen
Summary
“Software obfuscation has become an essential means to hide secrets involved in today’s software system.”
Code obfuscation transforms a program unintelligently to a more complex and difficult to understand yet still functionally equivalent to the original program.
In this paper, the authors look at the problem from cracker’s viewpoint and from there, they discuss techniques for eliminating clues that crackers may find using cracking tools.
Appreciative Comments
The authors have explained very well that how easy a cracker can find clues just by associating the algorithm and the codes.
For example: “The result of addition X (32-bit) is divided into four 8-bit blocks x1,
…,x4. “ x1 = (X>>24) & 0xff x2 = (X>>16) & 0xff x3 = (X>>8) & 0xff x4 = X & 0xff
Appreciative Comments (cont)
There is a good and clear guideline to explain how to apply obfuscation.
Critical Comments
The article is not completely self-contained. For example: while explaining how the algorithm works, they used a function called “Key Schedule” without explaining how this function works.
There is very little discussion about how we can hide the obfuscation itself.
Question
Very often encrypted algorithms contain loops that iterate through and execute a piece of code. This piece of code is usually executed most frequently. Using a tool such as AddTracer or Profiler, a cracker can locate the most frequently executed code. Locating this piece of code, he can easily find out the key that is used to encrypt data.
So what you think is the best way to avoid this?
Thanks for your time