Software Tamper-Proofing Technology Based On Hash Function

Along with the birth of computer networks,the new computing environment and computational models have had more distributed computing environment and distributed computing model.Remote Procedure Call,grid,web services,distributed computing,such as Mobile Agent technology is no longer a strange term,but has been more and more widely used.These new distributed computing models bring us a more powerful computing capacity,greater flexibility and convenience,but are followed by a series of security questions,there were not such security issues in the past under the stand-alone computing environment.By unidentified lot of software free to tamper with the user,and then emerged as a variety of undesirable phenomena such as copyright piracy.The normal manufacturer's sales and production are affected seriously.So far,the main means of attack have the following:1.Disassemble and decompile,for the attacker,these are usually the first step to achieve the attack;2.Analysis is mainly static analysis and dynamic analysis,the main difference is that static analysis does not require running the program;3.Tampere,usually at the completion of the static analysis,the malicious user needs changes to the program according to their own requirement;4. Difference analysis and so on.In a wide range of attacks,the software designers research a series of methods against attacks such as protection of property rights for software watermarking method,carried out for the analysis of obfuscation technology,Tamper resistance technology which targeted at the illegal tampering.More and more methods are being used against a variety of means to attack.In our article,the study focused mainly on research on tamper resistance.We respectively analyse and implement Oblivious hashing on Java byte code and the mutli-block encryption mechanism based on the integrity.It can be said in relation to software watermarking technology and obfuscation technology,tamper resistance technology is not mature,the scope of application is also very limited,so the research in this way are more urgent,research,and a tamper-resistant technology to improve the protection of the software industry will have far-reaching significance.In our study,tamper-resistant technology are carried out based on the hash function,the Hash function is important the password component,which not only can be used for digital signature scheme but can also be used to validate the authenticity of information sources and the integrity of the data,it can be compressed message of arbitrary length to a fixed-length summary of the information.In view of much of today's hash function has been possible to break,we have adopted a Sha-256 as a function of calculating the summary,because of the break of Sha-256 will be a very long process,we can for a long time to ensure that the methods robustness.In the course of our research,our study focus on two aspects,are designed to accommodate different languages and procedures,at the same time we hope to learn more tamper resistance technology.The first part,we mainly study the protection of Java byte-code method,as we all know,because of Java's platform independence,a growing number of byte-code to be downloaded to the client,the question followed by these is that analysing and tampering the bytecode are very convenient.For this problem,we analysed the Oblivious hashing tamper resistance technology and its application on the Java byte code,Oblivious hashing was originally designed for high-level language,and the working methods are to insert code and connecting a number of "monitor" command,matching value of prior procedures with the current value,if the value of the normal procedures are different,it will not be able to implement.Because of Oblivious hashing mainly compare the data in memory,it is easy to make the attacker ignore its existence.Java byte code in the application of Oblivious hashing,we put the main focus of the work on the constants (iconst) command and variables(iload) command,the matching of constant instructions is easy,we can directly preserve value in the memory,because of the uncertainty variable,the protection of relatively is difficult,but in view of process variables accounted for the majority of cases,our design process is to insert a number of commands,these commands through a number of means,the hash value of the variable "opposite number" calculated and stored in stack so that you can program at run-time variables to offset the impact of the final hash value,so as to achieve the purpose of tamper resistance.The second part of our research is mainly based on the integrity of the encryption mechanism aims to achieve tamper resistance.First of all,we analysi a multi-block encryption mechanisms before our design,encryption mechanisms such procedures are divided into common code,the integrity protection of code and code of private protection.One or more of the integrity of the code block are used as the hash value encryption and decryption code to protect the private key,to achieve the integrity of the process and part of private protection.However,because of different encryption mechanism that private protection code using different encryption and decryption process,so to protect the integrity of the design of such a mechanism would be very difficult,probably will have many additional code,reducing the efficiency of the implementation of the procedures.We analysis this method at the strengths and weaknesses and then design a more secure and convenient way.Here,we aimed at the process tree for a branch of research,first conducted a sub-branch block.Here we want to ensure each block should not contain the jump command to other block.This partition of block will have a block of different sizes.And then blocks must be in accordance with the encryption and decryption,the specific methods are:a summary of the b_ivalue as b_i+1of the encryption and decryption key,and so on.And we insert code controller,making the procedure at run-time decryption automatically and finish the job.Run at the process of decryption can not be normal if the key is wrong,the program has been tampered with.Therefore the procedure of implementation through a chain integrity protection mechanisms.Through the two kinds of methods designed to resist tampering with research,our understanding of software tamper-resistant technology become deeply,the two methods in our experiments and the process,we found in our static analysis method is carried out after tampering,resistance to achieve better results compared;and for dynamic analysis,our mechanism has not a perfect solution,we can only slow down or interfere with the dynamic analysis,dynamic resistance up from the fundamental analysis,there is still a long way to go.However,through this experiment we summed up the merits of both approaches and the lack of Java byte-code for one of the tamper resistance is to put a new technology on Java byte code,and ensures that the cost of smaller and more perfect resistance mechanisms,but such a mechanism may be through observation and analysis found that in order to achieve malicious tampered with to bypass the check,but we can work in the future try to fuzzy techniques or some other confrontation analysis technology to the U.S.technology,this can greatly enhance the strength of resistance.In addition,the integrity-based encryption mechanism,through the analysis is not difficult to find that,it can be very good resistance to static analysis,dynamic analysis and even for analysts will also give back the results of poor,mainly because,once the procedures found been tampered with,is not immediately terminate the procedure,but a piece of decryption when the next interruption,which makes it difficult for analysis the position of the protection of our procedures,making it even more difficult to distort;But here at the main U.S.mechanism for tree structure,the procedure may have more than one input at a later date,we will continue to study the work.