Upload
elfreda-summers
View
217
Download
1
Tags:
Embed Size (px)
Citation preview
Software Piracy Prevention through Diversity
Bertrand Anckaert, Bjorn De Sutter and Koen De Bosschere
Parallel Information Systems Group,Electronics and Information Systems Department,
Ghent University, Belgium
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
2
Problem
o Software Piracy: 29 billion $ in 2003o Technical protection mechanisms:
• hardware token: cd, dongle, smart card• software token: license key, activation code• watermarks and fingerprints• …
o In practice: piracy still exists
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
3
Reasons for Failure (1)
o Digital data copy prevention is impossible• near-zero marginal cost
o All copies are identical• attack on copyright mechanism of one copy
works on all copies
o Physical objects:• each copy is unique, non-zero marginal cost• Mimicry: hardware token, unique software
token, fingerprint, …• Problem: weak link ⇒ easily circumvented
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
4
Reasons for Failure (2)
o Static nature of defense:• defense built into the software• once broken, copyright can no longer be
enforced
o Unfortunately:• software can be inspected and modified at will• not whether but when will it be broken• any (future) software protection can be broken⇔ benign host and malicious software⇒ more severe attack model
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
5
Overview
o Diversity overcomes• identical nature of software• near-zero marginal cost
o Tailored updates overcome• static nature of defense
o Countered forms of software piracyo Piracy discriminationo Practical issueso Future work
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
6
database
diversification
activation
Protection through Diversity: Installation
originaldiversifier
diversification
101101011100101101
010010100110100011
software provider
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
7
Unique instances
o Each installed copy (instance) is unique • Uniqueness extended to the program as a
whole ⇒ strong link• attacks on copyright protection mechanism
cannot be generalized• identification and tracking of instances
o An instance is machine-dependant• we cannot prevent the copying of digital data• we can prevent a copy from having value
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
8
Protection through Diversity: Update
tailor
databasesoftware provider
101010
update
101101011100101101
010110
010110
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
9
Tailored Updates
o Update works for one instance and one instance only
o Updates only for legitimate instanceso Illegitimate users cannot keep their
software sound and up to date unless: a new line of defense is broken with every critical update
o static nature of defense ⇒ dynamic nature of defense
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
10
Overview
o Diversity overcomes• identical nature of software• near-zero marginal cost
o Tailored updates overcome• static nature of defense
o Countered forms of software piracyo Piracy discriminationo Practical issueso Future work
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
11
Cracks and Serials
o Example: undo protection of an evaluation version
o Solution: diversity• crack for one instance does not necessarily
work against another instance• serial code can be made instance-dependant
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
12
Softlifting
o Softlifting: sharing software and updates within a small group of collaborating users
o Solution: Activation, machine dependanto Problem: can be circumventedo However: Diversity ⇒ each copy need to
be cracked separatelyo Small groups
Few pirates⇒ little effect on revenues
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
13
Internet Piracy
o Static defenses need to be brokeno Large scale, detection as a result of
• many requests from different locations• search the internet
o When an instance is considered to be corrupt:• Migrate instance of legitimate user to a new
instance• Stop updates for the corrupt instance
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
14
Overview
o Diversity overcomes• identical nature of software• near-zero marginal cost
o Tailored updates overcome• static nature of defense
o Countered forms of software piracyo Piracy discriminationo Practical issueso Future work
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
15
Piracy Discrimination
o What?• tolerate a certain level of piracy
o Why?• illegitimate users = increase of the user base
⇒ exchangeability and complimentary goods• lock-in customers in an earlier phase
o How?• Fine-grained control over distributed software
o e.g.: multiple installations of a private license
tolerate piracy of a region-specific version
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
16
Overview
o Diversity overcomes• identical nature of software• near-zero marginal cost
o Tailored updates overcome• static nature of defense
o Countered forms of software piracyo Piracy discriminationo Practical issueso Future work
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
17
Reliance on Updates
o Tailored updates enable dynamic natureo Updates are necessary:
• to fix bugs• to add security patches• to support new hardware and new file formats• to keep a program compatible with other
programs• to add new functionality
o Artificially increase need for updateso buy software ⇒ rent software
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
18
Diverse Instances and Tailored Updates
o Program: a large number of fileso Two approaches to updating:
• Full-file updatesdiversify interfaces between filesencryption and decryption of data, arguments andreturn values
• Incremental updatesdiversify within code files
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
19
Example
Machine code original
Assembly original
1
2
29 c2
83 c2 ff
19 c9
83 c1 01
29 c9
29 c2
83 fa 01
83 d1 00
Binary update
00 00
00 00 00
00 00
42 28 1e
00 00
00 00
00 38 f1
00 00 00
sub %eax,%edx
add $-1,%edx
sbb %ecx,%ecx
add $1,%ecx
sub %ecx,%ecx
sub %eax,%edx
cmp $1,%edx
adc $0,%ecx
a = (b == c)
Machine code updated
Assembly updated
29 c2
83 c2 ff
19 c9
c1 e9 1f
29 c9
29 c2
83 c2 ff
83 d1 00
sub %eax,%edx
add $-1,%edx
sbb %ecx,%ecx
shr $31,%ecx
sub %ecx,%ecx
sub %eax,%edx
add $-1,%edx
adc $0,%ecx
a = (b != c)
An update should check if it is applied to the correct instance
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
20
Repentant Users
o Contact the software providero Identify his instanceo Migrate his instance to a legitimate
instanceo Add entry to the database
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
21
Costs
o Only useful ifadditional profit ≥ additional cost
o Costs include:• additional distribution costs of software and
updates• computational costs• increased complexity of software maintenance
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
22
Future Work
o Thorough economic analysis of the expected costs and benefits
o Metric for diversityo Development of additional diversification
techniqueso …
October 25, 2004 ACM DRM'04: Software Piracy Prevention through Diversity
23
Conclusions
o Promising schemeo Considerable cost
• Severe attack model ⇒ no (other) silver bullet
o Many practical issues need to be addressed