Software encryption and decryption

Software encryption and decryption

Basic Information
Original Title: surreptitious software: obfuscation, watermarking, and tamperproofing for Software Protection
Original Publishing House: Pearson Education
Author: (US) Christian collberg jasvir nagra [Translator's introduction]
Translator: Cui xiaochen
Series name: Turing programming Series
Press: People's post and telecommunications Press
ISBN: 9787115270757
Mounting time:
Published on: February 1, May 2012
Start: 16
Page number: 601
Version: 1-1
Category: Computer> Security> encryption and decryption

More details "Software encryption and decryption
Introduction
Computer books
　
Software encryption and decryption describes how to use obfuscation, watermarks, tamper-proofing, and other technologies to protect software against piracy, tampering, and malicious reverse engineering, the main content includes attackers and defenders used to analyze programs.
Various mainstream methods, how to use the code obfuscation technology to make the program more difficult to analyze and understand, how to add watermarks and fingerprints in the software to identify software developers and buyers, and so on.
Software encryption and decryption is suitable for software developers at all levels.
Directory
Chapter 1 What is concealed software 1
1.1 Overview 1
1.2 Attack and Defense 5
1.3 Method 6 of Program Analysis
1.4 code obfuscation 11
1.4.1 application of code obfuscation 13
1.4.2 obfuscation technology overview 17
1.4.3 code obfuscation technology used by hackers 21
1.5 tamper-proofing technology 27
1.5.1 anti-tampering Technology Application 27
1.5.2 anti-tampering Technology example 29
1.6 software watermark 30
1.6.1 software watermark example 32
1.6.2 attack watermark system 34
1.7 software Similarity comparison 36
1.7.1 code plagiarism 36
1.7.2 software author identification 37
1.7.3 software birthmark 38
1.7.4 software birthmark case 40

1.8 hardware-based protection technology 41
1.8.1 hardware encryption locks and software for sale together 42
1.8.2 bind the program with the CPU 43
1.8.3 ensure that the software is executed in a secure environment 43
1.8.4 encrypt executable files 44
1.8.5 added physical protection 45
1.9 summary 46
1.9.1 reasons for using Software Protection Technology 46
1.9.2 reasons for not using Software Protection Technology 47
1.9.3 what should I do? 47
1.10 some instructions 48
Chapter 4 Attack and Defense Methods 49
2.1 attack policy 50
2.1.1 prototype of the cracked object 50
2.1.2 motivation of the attacker 52
2.1.3 how to crack 54
2.1.4 Method 55 used by the attacker
2.1.5 tools used by hackers 58
2.1.6 what technologies will hackers use? 59
2.1.7 Summary 69
2.2 defense method 70
2.2.1 One note 71
2.2.2 hide 73
2.2.3 copy 75
2.2.4 scattered and merged 78
2.2.5 re-Sort 80
2.2.6 81 ing 81
2.2.7 guidelines 84
2.2.8 imitating 85
2.2.9 display 87
2.2.10 condition-trigger 88
2.2.11 exercise 90
2.2.12 summary 91
2.3 conclusion 92
2.3.1 what are the requirements for attack/Defense models? 92
2.3.2 how to use the above model design algorithm 93
Chapter 4 Method of Analyzing programs 94
3.1 static analysis 95
3.1.1 control flow analysis 95
3.1.2 data stream analysis 103
3.1.3 data dependent analysis 107
3.1.4 alias analysis 109
3.1.5 slice 115
3.1.6 abstract parsing 116
3.2 dynamic analysis 118
3.2.1 debugging 118
3.2.2 splitting 129
3.2.3 trace 132
3.2.4 simulator135
3.3 source code reconstruction 137
3.3.1 disassembly 139
3.3.2 decompilation 146
3.4 Practical Analysis 155
3.4.1 programming style measurement 156
3.4.2 software complexity measurement 158
3.4.3 software visualization 159
3.5 conclusion 162
Chapter 2 code obfuscation 4th
4.1 obfuscation transformation of reserved semantics 164
4.1.1 algorithm obfcf: Diversity conversion 164
4.1.2 algorithm obftp: Rename the identifier 170
4.1.3 mixed management layer 173
4.2 definition 177
4.2.1 practical obfuscation conversion 178
4.2.2 obfuscation-caused overhead 181
4.2.3 concealment 181
4.2.4 other definitions 182
4.3 complicate control flow 183
4.3.1 opaque expression 183
4.3.2 algorithm obfwhkd: flattening control flow 184
4.3.3 use an alias 186
4.3.4 algorithm obfctjbogus: insert redundant control flow 191
4.3.5 algorithm obfldk: Execute the unconditional transfer command 195 through the jump function
4.3.6 attack 198
4.4 opaque predicates 201
4.4.1 algorithm obfctjpointer: generates an opaque predicate 202 from the pointer alias
4.4.2 algorithm obfwhkdopaque: the opaque value in array alias analysis is 204.
4.4.3 algorithm obfctjthread: non-transparent predicates generated from concurrency 205
4.4.4 attack opacity predicate 207
4.5 data encoding 211
4.5.1 encoding integer 213
4.5.2 obfuscation of Boolean variables 217
4.5.3 obfuscation of constant data 220
4.5.4 obfuscation array 222
4.6 structure obfuscation 226
4.6.1 algorithm obfwcsig: Merge function signature 226
4.6.2 algorithm obfctjclass: Decomposition and merge class 229
4.6.3 algorithm obfdmrvsl: Destroy advanced structure 232
4.6.4 algorithm obfajv: modifies the instruction encoding method 239
4.7 Conclusion 243
Chapter 2 confusion theory 5th
5.1 Definition 248
5.2 can prove to be a safe obfuscation: Can we do this? 249
5.2.1 Turing shutdown problem 250
5.2.2 algorithm reaa: Anti-obfuscation of programs 252
5.3 Can Prove safe obfuscation: Sometimes we can achieve 254
5.3.1 algorithm obflbs: confusion point function 254
5.3.2 algorithm obfns: obfuscation of database 261
5.3.3 algorithm obfpp: homomorphic encryption 263
5.3.4 algorithm obfcejo: white box DES encryption 267
5.4 can prove to be a safe obfuscation: (sometimes) 272 of tasks that cannot be completed
5.4.1 General obfuscators 273
5.4.2 obfuscation of the simplest program 276
5.4.3 proof of likelihood of obfuscation of all programs 277
5.4.4 conclusion 278
5.5 obfuscation that can prove safe: can this play still become 279?
5.5.1 jump out of the impossible haze 280
5.5.2 re-examine the definition: Construct an interactive obfuscation method 281
5.5.3 re-examine the definition: If obfuscation does not retain semantics, how can it be 283?
5.6 conclusion 286
Chapter 2 dynamic obfuscation 6th
6.1 Definition 290
6.2 code migration 292
6.2.1 algorithm obfkmnm: Replace the command 293
6.2.2 algorithm obfagswap: Self-modified state machine 296
6.2.3 algorithm obfmamdsb: dynamic code merge 307
6.3 encryption technology 311
6.3.1 algorithm obfcksp: code is used as the source of key generation 312
6.3.2 algorithm obfagcrypt: Combined with self-modified codes and encryption 318
6.4 conclusion 324
Chapter 4 software tamper-proofing 7th
7.1 definition 327
7.1.1 monitoring of tampering 328
7.1.2 response to tampering 331
7.1.3 system design 332
7.2 self-monitoring 333
7.2.1 algorithm tpca: Protection Code net 335
7.2.2 generate hash function 338
7.2.3 algorithm tphmst: hiding the hash value of 342
7.2.4 Software Protection Technology Used in Skype 349
7.2.5 algorithm rewos: Attack self-hash algorithm 352
7.2.6 comment 356
7.3 algorithm retcj: Response Mechanism 357
7.4 status self-check 360
7.4.1 algorithm tpcvcpsj: Negligible hash function 362
7.4.2 algorithm tpjjv: overlapping command 365
7.5 remote anti-tampering 368
7.5.1 distributed monitoring and response mechanism 368
7.5.2 solution 369
7.5.3 algorithm tpzg: Split function 369
7.5.4 algorithm tpslspdk: prevents tampering with 372 by ensuring remote machine hardware configuration
7.5.5 algorithm tpcns: continuously changing the code 375
7.6 Conclusion 376
Chapter 4 software watermarks 8th
8.1 history and applications 378
8.1.1 application 379
8.1.2 embed watermark 382 in audio
8.1.3 add watermark 383 to the image
8.1.4 embed a watermark 384 in a natural language text
8.2 software watermark 387
8.3 definition 388
8.3.1 watermark Reliability: 389
8.3.2 attack 391
8.3.3 watermark and fingerprint 392
8.4 embed a watermark by means of re-sorting 392
8.4.1 algorithm wmdm: rearrange the basic block 394
8.4.2 re-allocate resource 396
8.4.3 algorithm wmqp: improved reliability by 397
8.5 tamper-resistant watermark 400
8.6 improve watermark anti-interference capability by 403
8.7 enhanced concealment 408
8.7.1 algorithm wmmimit: Replace the command 409
8.7.2 algorithm wmvvs: embed watermark 409 in the control flow diagram
8.7.3 algorithm WMCC: Abstraction parsing 416
8.8 for implicit write watermark 421
8.9 divide the watermark value into several segments: 425
8.9.1 break down a large watermark into several small segments: 426
8.9.2 redundant watermark fragment 427
8.9.3 improved watermark reliability by 432 Using Sparse Encoding
8.10 editing/decoder 432
8.10.1 parent pointer to tree 433
8.10.2 base number chart 433
8.10.3 sorting chart 434
8.10.4 extended Flat Three-tree enumeration codes 434
8.10.5 sorting chart 435
8.11 comments 436
8.11.1 embedding technology 437
8.11.2 attack model 438
Chapter 2 dynamic watermarks 9th
9.1 algorithm wmct: Using alias 443
9.1.1 an example 443
9.1.2 problems in watermark recognition 445
9.1.3 Increase Data embedding rate by 447
9.1.4 increase the anti-interference performance of attacks by 452
9.1.5 increase concealment by 455
9.1.6 comment 458
9.2 algorithm wmnt: 459 concurrency
9.2.1 basic components for embedding watermarks 462
9.2.2 embedding example 467
9.2.3 recognition 469
9.2.4 avoid pattern matching attack 470
9.2.5 anti-tampering with components 471
9.2.6 comment 473
9.3 algorithm wmccdkhlspaths: Extended execution path 474
9.3.1 watermark representation and embedding 474
9.3.2 identification 479
9.3.3 comment 480
9.4 algorithm wmccdkhlsbf: tamper-resistant execution path: 481
9.4.1 embed 481
9.4.2 recognition 484
9.4.3 tamper-resistant reinforcement for jump functions 484
9.4.4 comment 485
9.5 conclusion 486
Chapter 1 software Similarity analysis 10th
10.1 applications 490
10.1.1 duplicate code filtering 490
10.1.2 software author identification 492
10.1.3 Plagiarism detection 495
10.1.4 birthmark detection 496
10.2 definition 497
10.3 K-Gram-based analysis 501
10.3.1 algorithm ssswawinnow: selectively records K-gram hash 501.
10.3.2 algorithm ssswamoss: Software Plagiarism detection 504
10.3.3 algorithm ssmckgram: K-gram "birthmark" 507 of Java bytecode
10.4 API-based analysis 509
10.4.1 algorithm sstnmm: object-oriented birthmark 510
10.4.2 algorithm sstonmm: "birthmark" 512 for dynamic function calls
10.4.3 algorithm sssdl: Dynamic K-gram API "birthmark" 513
10.5 tree-based analysis 514
10.6 graph-based analysis 518
10.6.1 algorithm sskh: PDG-based duplicate code filtering 518
10.6.2 algorithm sslchy: PDG-based Plagiarism detection 521
10.6.3 algorithm ssmcwpp: Dynamic birthmark of the entire program 522
10.7 software measurement-based analysis method 525
10.7.1 algorithm sskk: Software Measurement-based repeated code filtering 525
10.7.2 algorithm SSLM: metric-based software author identification 527
10.8 conclusion 532
Chapter 4 hardware protection software 11th
11.1 use of released physical devices for anti-piracy 535
11.1.1 protection of release disks 536
11.1.2 software dog and encryptor 541
11.2 start authentication by using the Trusted Platform Module 545
11.2.1 trusted start 546
11.2.2 evaluation result 548
11.2.3 TPM 550.
11.2.4 interrogation verification process 551
11.2.5 questions about social credibility and privacy 553
11.2.6 application and dispute 555
11.3 encrypted Executable File 556
11.3.1 XOM architecture 557
11.3.2 prevent replay attack 560
11.3.3 patch vulnerability-specific address bus 561
11.3.4 fix vulnerable data bus 564
11.3.5 commenting 565
11.4 attack and tamper-proofing devices 565
11.4.1 listening bus-cracking Microsoft's Xbox 566
11.4.2 speculative command-cracking dallas semiconductor's ds5002fp microprocessor 567
11.4.3 cracking smart card 570
11.4.4 non-intrusive attack 573
11.4.5 motherboard-level protection 574
11.5 conclusion 576
References 578
This book is from: China Interactive publishing network