| Self-hashing forms of software tamper resistance have been considered efficient in protecting the integrity of an application. Hashing allows a running application to quickly determine whether the program code has been modified and respond accordingly.; Self-hashing relies on being able to accurately read the code of an application in memory. In this thesis, we demonstrate that hash code contained within the program being verified is vulnerable to attack. By using the modern processor's ability to separate code and data, self-hashing tamper resistance can be circumvented.; We describe several possible implementations of an attack in this thesis. We have implemented one form of attack. All implementations are generic (i.e. they only need to be implemented once to work on a wide range of applications) and fast. Understanding work detailed in this thesis will help future tamper resistance algorithms withstand our attack. |
PDF Full Text Request