ETRI Journal

Electronics and Telecommunications Research Institute (한국전자통신연구원)
권호 표지
DOI QR코드

DOI QR Code

Secure and Efficient Code Encryption Scheme Based on Indexed Table

  • Cho, Sung-Kyu (School of Information and Communication Engineering, Sungkyunkwan University) ;
  • Shin, Dong-Hwi (School of Information and Communication Engineering, Sungkyunkwan University) ;
  • Jo, Hea-Suk (School of Information and Communication Engineering, Sungkyunkwan University) ;
  • Choi, Dong-Hyun (School of Information and Communication Engineering, Sungkyunkwan University) ;
  • Won, Dong-Ho (School of Information and Communication Engineering, Sungkyunkwan University) ;
  • Kim, Seung-Joo (School of Information and Communication Engineering, Sungkyunkwan University)
  • Received : 2010.01.26
  • Accepted : 2010.07.15
  • Published : 2011.02.28
Download PDF
⟨ Previous Next ⟩

Abstract

Software is completely exposed to an attacker after it is distributed because reverse engineering is widely known. To protect software, techniques against reverse engineering are necessary. A code encryption scheme is one of the techniques. A code encryption scheme encrypts the binary executable code. Key management is the most important part of the code encryption scheme. However, previous schemes had problems with key management. In an effort to solve these problems in this paper, we survey the previous code encryption schemes and then propose a new code encryption scheme based on an indexed table. Our scheme provides secure and efficient key management for code encryption.

Keywords

References

  1. Business Software Alliance. Available: http://www.bsa.org
  2. B. Barak et al., "On the (Im)possibility of Obfuscating Programs," Advances in Cryptology, LNCS, vol. 2139, 2001, pp.1-18.
  3. C. Collberg and C. Thomborson, "Watermarking, Tamper- Proofing, and Obfuscation-Tools for Software Protection," IEEE Trans. Software Eng., vol. 28, no. 8, 2002, pp. 735-746. https://doi.org/10.1109/TSE.2002.1027797
  4. C. Collberg, G. Myles, and A. Huntwork, "Sandmark-A Tool for Software Protection Research," IEEE Security and Privacy, vol. 1, no. 4, 2003, pp. 40-49. https://doi.org/10.1109/MSECP.2003.1219058
  5. C.S. Collberg, C. Thomborson, and D. Low, "A Taxonomy of Obfuscating Transformations," Dept. of Computer Sciences, Univ. of Auckland, Tech. Report, no. 148, 1997.
  6. E. Eilam, Reversing: Secrets of Reverse Engineering, Wiley Publishing, Inc., 2005.
  7. J.M. Memon et al., "A Study of Software Protection Techniques," Innovations Adv. Techniques Computer Inf. Sci. Engin., 2007, pp. 249-253.
  8. J. Cappaert et al., "Toward Tamper Resistant Code Encryption: Practice and Experience," LNCS, vol. 4991, 2008, pp. 86-100.
  9. J. Cappaert et al., "Self-Encrypting Code to Protect Against Analysis and Tampering," 1st Benelux Workshop Inf. Syst. Security, 2006.
  10. D.W Jung, H.S Kim, and J.G. Park, "A Code Block Cipher Method to Protect Application Programs From Reverse Engineering,"J. Korea Inst. Inf. Security Cryptology, vol. 18, no. 2, 2008, pp. 85-96 (in Korean).
  11. G. Wroblewski, General Method of Program, Code Obfuscation, PhD thesis, Wroclaw University of Technology, Institute of Engineering Cybernetics, 2002.
  12. D. Low, "Protecting Java Code via Code Obfuscation," Crossroads, vol. 4, no. 3, 1998, pp. 21-23. https://doi.org/10.1145/332084.332092
  13. C. Linn and S. Debray, "Obfuscation of Executable Code to Improve Resistance to Static Disassembly," ACM Conf. Computer Commun. Security, 2003, pp. 290-299.
  14. S. Chow et al., "An Approach to the Obfuscation of Control- Flow of Sequential Computer Programs," LNCS, vol. 2200, 2001, pp. 144-155.
  15. Y. Sakabe, M. Soshi, and A. Miyaji, "Java Obfuscation Approaches to Construct Tamper-Resistant Object-Oriented Programs," IPSJ Dig. Courier, vol. 1, 2005, pp. 349-361. https://doi.org/10.2197/ipsjdc.1.349
  16. Tao Zhang, Santosh Pande, and Antonio Valverde, "Tamper- Resistant Whole Program Partitioning," Proc. Conf. Languages, Compilers, Tools Embedded Syst., vol. 38, 2003, pp. 209-219.
  17. R. Rivest, The RC4 Encryption Algorithm, RSA Data Security, Inc., Mar. 1992.
  18. NIST, "Secure Hash Standard," Fed. Inf. Process. Std., FIPS- 180-1, Apr. 1995.
  19. M.R. Stytz and J.A. Whittaker, "Software Protection: Security's Last Stand," IEEE Security Privacy, vol. 1, no. 1, 2003, pp. 95-98. https://doi.org/10.1109/MSECP.2003.1177004

Cited by

  1. TVA 메타데이터 전송과정에서 단편화에 의한 성능 감소를 회피하기 위한 효율적인 캡슐화 방식 vol.c37, pp.7, 2012, https://doi.org/10.7840/kics.2012.37.7c.627
  2. The Enhanced Encapsulation Architecture to Improve TV Metadata Encoding Performance by Schema Optimizing Mechanism vol.ed98, pp.8, 2015, https://doi.org/10.1587/transinf.2014edp7113