ECOM 6031

Content
Content Copyright protection Case of CSS Case of Broadcast encryption technique in CPRM Case of HDCP Software Copyright Protection (Method 1) Software Watermarking ( ) g (Method 2) Registration Key (Method 3) Tamper-proof Hardware Token (Method 4) Obfuscation Final Remarks

Fundamentals of e-Commerce Security

(Dr KP Chow, Dr Lucas Hui)

Lecture 4: Content and Software Protection

Dr Lucas Hui (CYC307, 28592190 hui@cs hku hk) (CYC307 28592190, hui@cs.hku.hk)
1 2

Content IP Protection
Merchants wish: the machine will refuse presenting the content in case of access right violation Digital Content + access right (e.g. DVD region code) i d ) info

DVD copyright protection Case 1: The CSS story

CSS : Content Scrambling System
The encryption system that most commercial DVDs used CSS is weak in cryptographic strength:
Using block cipher With a 40-bit key hash 40 bit key, function (some literature said it contains secretsharing mechanisms) Fits the US export restriction for cryptographic products Using a proprietary algorithm rather than popular block ciphers Can be c ac ed in minutes us g modern Ca cracked utes using ode technology 4

Customers machine Merchant Web site

CSS Story y
CSS : Content Scrambling System
M i goal: stop piracy Main l t i Apply encryption technology Other goals: region coding, non-skippable FBI warnings, avoid second generation copying, other artificial restrictions DVD manufacturers, player manufacturers, have to sign obtain a license (to use the encryption technology)
Pledged not to produce non-complaint machine Not to reveal copy protection scheme
5

Two major camps in Linux community

LSDVD: working on a licensed DVD player LiViD : working on creating a f ki ti free opensource version of DVD for Linux DeCSS (released on LiViD at 1999):
a software published by Jon Johansen which decrypts the CSS d t th Johansen (a 16-year old youngster in Norway), who later (2006) hacked Fairplay the Apple Fairplay, iTunes closed system not the only one being sued not the first one to publish CSS decryption tools on Web
6

Info about security on some published claimed to behave like CSS scheme is as follows. 2 kinds of keys: Player key P1, P2, , Pn (n is around 400), each brand f l b d of player h a unique k has i key Disk key D (each DVD disk has a unique key) There is a disk key data block on the DVD which contains 40-bit A 40 bit hash (H) of D (looks like not a popular hash algorithm like SHA-1 or MD5) D encrypted with P1 (denoted as EnP1(D) ) D encrypted with P2 ( EnP2(D) ) D encrypted with Pn ( EnPn(D) )

When Player Brand 99 reads the DVD, it will perform

Decrypting EnP99(D) to retrieve D y g ( ) Perform a verification D = Decrypt (H, D) (with a p p proprietary decryption algorithm) y yp g ) Use D to decrypt title key (a key unique to each title) ) Use the title key to decrypt the data blocks

Crypto Objects in CSS Scheme yp j

Potential weakness
EnT (Data) EnP1 (D) EnP2 (D) EnP3 (D)

EnP99 (D)

EnD (T)

If the key length of D is small (40 bit) with H (40-bit), being known, exhaustive search on D using the verification formula is possible The decryption algorithm is badly designed, enabling a disk key to be found in 18 seconds with a Pentium III (with more elaborated cryptanalysis techniques) yp y q ) If one player key is cracked, advanced cryptanalysis is possible to crack another player key Actually, if one player key is cracked, all DVDs can be read 10

Alternatives to DVD protectionp Watermarking

Addition of watermarks in the DVD content. The watermarks contain the copyright notices. A compliant player will refuse to play the DVD if It cannot extract those watermarks The watermark is supposed to be changed (this requires an integrity checking of the watermark, which is possible by directly applying the hash function technique)
11

Alternatives to DVD protection Watermarking (2) W t ki

Counter arguments to this approach Cannot avoid non-compliant players The design of watermark requiring (1) integrity control, (2) robustness (error correction) is complicate (Serious Problem) If one player key is cracked, cracked there is no way to renew the player key, without disabling the old players in p y g playing new DVDs. How can we solve this?
12

DVD copy protection schemes

Case of Broadcast Encryption Technique in CPRM yp q
CSS (Content Scrambling System)
A straight-forward solution t i ht f d l ti Pre-recorded DVD-Video content is encrypted Device without the decryption key cannot playback y y y

Some early potential alternatives to CSS to achieve DVD copy protection CGMS CPPM CPRM DTCP AACS

CGMS (Copy Generation Management System)

The Macrovision DVD Copy Protection system Store two bits in the header of MPEG-2 stream to indicate whether copying is allowed or not
2 format and 3 states

the equipment making the copy has to recognize and respect the CGMS

CPPM (Content Protection for Pre recorded Media) Pre-recorded

Replace CSS Keys are stored in the lead-in (read-only) area of the disc
14

13

DVD copy protection schemes (2)

CPRM (Content Protection for Recordable Media)
Proposed by IBM, Intel, Matsushita and Toshiba supported by all DVD recorders released after 1999 Making M ki use of CGMS f Writable DVD drives are prevented from indiscriminately copying protected content A general solution to the Broadcast Encryption Problem

DVD copy protection schemes (3)

AACS (Advanced Access Content System)
Successor of CSS, final specification posted 2010 It is like CSS + a tree-based broadcast encryption structure like CPRM CPRM Since appearing in devices in 2006, several AACS decryption keys have been extracted from weakly protected software players and published on the Internet, allowing decryption by Internet other unlicensed software

DTCP (Digital Transmission Content Protection)

Proposed by Intel, Son Hitachi, Mats shita and Toshiba b Intel Sony, Hitachi Matsushita, Anti-DVD copying Making use of CGMS

15

16

DVD Protection Conceptual Scenario

Time 2005
Key 1 Key 2 y
DVD Player 1 2005 DVD DVD Player 2

Case of Broadcast Encryption Technique in CPRM

One potential approach to solve the DVD copyright technical p py g problem ( least p (at partially) y) CPRM (Content Protection for Recordable Media) technology
Using Broadcast encryption technique Developed in 1998 Used in DVD, Secure Digital Memory Card or Secure CompactFlash

2006 2007

Key is K 2 i exposed d
2005 DVD Player 1 Old Player 2 New Player 2 ??? Player

Key 1

Key 2

Key 2

Key 2

2007 DVD

Q: What key should be contained in a commercial DVD writer machine?

17 18

(one solution: use a key which is used in every commercial DVD reader)

The CPRM scheme

Each DVD (or more general, data to be protected) with contains a key management block y g There is a management key/Master key (k) similar to the disk key in CSS. That is the information that enable the th reading of the whole DVD content di f th h l t t There is a CPRM matrix (with 16 columns, and around 2500 rows) Each device (that reads the DVD legally) will have 16 different device keys, one key per column y y Two devices may have some common device keys Very unlikely to have 2 or more common device keys

The CPRM matrix

Each entry contains the encrypted Master Key (k) by a device key (dj)
Denoted as En(dj, k)

Some entries can be voided (if the device key is cracked) Note: there are a lot of different device keys !!!

19

20

Normal CPRM matrix

Assume Ej = En(dj, k), & a device knows E1 E16
E4 E1 E3 E6 E8 E2 E7 E9
E10 E12 E13 E16 E11 E14

Consider 2 different brands of player: (assume 2500 rows)

Prob of device key in first column the same
1/2500

Prob of all 16 device keys identical

(1/2500) ^ 16 = 4 * 10-55

Prob of all 16 device keys different

(1 ( 1/2500) ^ 16 = 0.9936 / )

Prob of exactly 1 device key different

C161 * ( 1/2500 * (1 1/2500)^15 ) = 16 * ( 0.004 ) = 0.00636
E15
21 22

...
E5

Operation of CPRM p
Each device knows
The 16 device keys (one in each column) The position of that 16 device keys in the CPRM matrix

If a device key ( y d99) is cracked y (say

Later, produced DVDs will have CPRM matrix modified The entries in the device key are voided Compliant (Legal) devices will use other device keys other than d99 Non-compliant devices using d99 can only read old p g y DVDs (before the d99 entries are voided) Will not affect other devices In the matrix-based scheme (CPRM), if many device keys are cracked, the scheme is cracked More advanced schemes using trees of keys called Logical Key hierarchy (LKH) can make the scheme has a much longer life (still in research product 24 stage).

To extract the management key, g y,

read any one of the 16 device key positions in the matrix If that position is voided, try another one. A device can read the DVD provided that at least one device key entry can be read
23

After some device keys being voided:

Normal entry: Voided entry:

Content IP Protection Remarks

Steganography is also used in IP right protection (watermarking) There are techniques to destroy/modify the watermark Without making some assumptions in the client-side machine watermarking cannot avoid machine, illegal copying (e.g. Advanced cryptographic schemes (e g Broadcast encryption technique) are used to assist the IP right p g protection p problem Against, certain assumptions on client-side machine are needed
25 26

E4 E1 E3 E6 E8 E2 E7 E9
E10

E11 E14 E12 E13 E16

...
E5
E15

Case of High-bandwidth Digital g g Content Protection (HDCP)

A form of digital copy protection developed by Intel Corporation. Prevent copying of digital audio and video content as it travels across DisplayPort, Digital Visual Interface (DVI), High-Definition High Definition Multimedia Interface (HDMI) Gigabit (HDMI), Video Interface (GVIF), or Unified Display Interface (UDI) connections
Transmitter Mutual authentication Receiver Encrypted data transmission

HDCPs device keys

Each HDCP-capable device has a unique set of 40 56bit keys. E h set of Device P i Each f D i Private K Keys i associated with a is i d ih special public key called a KSV (Key Selection Vector). Each HDCP Transmitter has assigned to it a unique KSV from all other HDCP Transmitters. g q Each HDCP Receiver has assigned to it a unique KSV from all other HDCP Receivers. Each KSV consists of 40 bits (one bit for each HDCP key), ith k ) with 20 bit set t 0 and 20 bit set t 1 bits t to d bits t to 1.

HDCPs device keys - sample

HDCP Scheme Diagram

Transmitter (A) Public Key (40-bit KSV): Apub Receiver (B) Public Key (40-bit KSV): Bpub

Private Key (40 56-bit key): Apri

Private Key (40 56-bit key): Bpri

HDCP Scheme (key exchange)

Transmitter (A) Public Key (40-bit KSV): Apub Receiver (B) Public Key (40-bit KSV): Bpub

HDCP Scheme(Encryption)
Transmitter (A) Public Key (40-bit KSV): Apub Receiver (B) Public Key (40-bit KSV): Bpub

Private Key (40 56-bit key): Apri

Private Key (40 56-bit key): Bpri

Private Key (40 56-bit key): Apri

Private Key (40 56-bit key): Bpri

Bpub

Apub

Km

HDCP Cipher Ci h
Data (Encrypted)

Km

HDCP Cipher Ci h
Data

Compute: Km = Apri . Bpub

By design: Km = Km

Compute: C t Km = Bpri . Apub

Data

Using HDCP Cipher, with input Km , data are encrypted & sent

Using HDCP Cipher, with input Km , data are decrypted

I. I Authentication
Purposes
Before sending data, a transmitting device checks that th th t the receiver is authorized t receive it i i th i d to i it. Stop HDCP-encrypted content from being played on non-licensed devices devices. Prevent the HDCP content from being copied by the modified devices.

I. I Authentication (cont.) (cont )

HDCP Transmitter (A) sends an initiation message containing its KSV (Aksv) and a 64-bit pseudo-random value (An) to the HDCP Receiver (B). HDCP Receiver responds by sending a response message containing th receivers KSV (Bk ) t i i the i (Bksv). HDCP Transmitter verifies that the HDCP Receivers KSV has not been revoked.

Function
Establishes shared values between the two HDCP Devices if both devices have a valid Device Key Set from the Digital Content Protection LLC.

I. I Authentication (cont.) (cont )

If both HDCP Devices have a valid array of secret device keys and corresponding KSV from the Digital Content Protection LLC then they can each LLC, calculate a 56-bit shared secret value, Km (or Km' ) in the video receiver).
Each device calculates Km (or Km ) by adding a selection of its private device keys described by the other device s KSV, using 56-bit binary addition (i e devices KSV 56 bit (i.e. unsigned addition modulo 256). The selection of secret device keys that are added together consists of those corresponding to the bit indexes of all of the 1-bits of the binary representation of the KSV.

I. I Authentication (cont.) (cont )

For example:
Suppose Bksv equals 0x5A3. For the binary representation of 0x5A3 bit positions 0 1 5 7 8 and 0x5A3, 0, 1, 5, 7, 8, 10 are ones and all other bit positions are zeros. Device A will add its own secret device keys at array indexes 0, 1, 5, 7, 8, and 10 together to calculate the shared secret value, Km. Device B will perform an analogous calculation using its own private key array and Device As KSV to get As Km'.

If either device has an invalid set of secret device keys or corresponding KSV, then Km will not be equal to Km'.

I. I Authentication (cont.) (cont )

The HDCP Cipher function hdcpBlkCipher is then used to calculate three values, Ks, M0, and R0.

II. II Encryption
Purposes
If authenticated, t e t a s tte e c ypts t e data aut e t cated, the transmitter encrypts the to prevent eavesdropping as it flows to the receiver. Defense against man-in-the-middle attacks.

The cipher initialization values for this calculation are Km (or Km'), ), and the 65-bit concatenation of REPEATER with An. The session key Ks is a 56-bit secret key for the HDCP Cipher. M0 is a 64-bit secret value used in the second part of the 64 bit authentication protocol (for repeater), and as a supplemental HDCP Cipher initialization value. R0' is a 16-bit response value that the video receiver returns to the HDCP Transmitter to provide an indication as to the success of the authentication exchange.

Function
Each pixel is encrypted by applying an XOR operation with a 24-bit number produced by a generator. The HDCP specifications ensure t Th ifi ti constant updating of keys after each encoded frame. frame

If authentication was successful, then R0' will be equal to R0. If authentication was unsuccessful, th R0 and R0''will, i most th ti ti f l then d ill in t cases, differ.

II. II Encryption (cont ) (cont.)

HDCP Cipher produces the 24-bit wide k Ci h d th 24 bit id keydependent pseudo-random stream during data periods for every pixel of HDCP Content to be encrypted. An example for encryption stream mapping:

II. II Encryption (cont.) (cont )

HDCP Encryption is applied at the input to the T.M.D.S. T M D S Encoder and decryption is applied at the output of the T.M.D.S. Decoder. HDCP Encryption consists of a bit-wise exclusive-or (XOR) of the HDCP Content with a pseudo-random f th C t t ith d d data stream produced by the HDCP Cipher.

III. III Key revocation

Purposes
Prevents devices that have been compromised and cloned from receiving data. N t that manufacturers who want to make a Note th t f t h tt k device that supports HDCP must obtain a license f li from I t l subsidiary Di it l C t t Intel b idi Digital Content Protection, pay an annual fee, and submit to various conditions. i diti

III. III Key revocation (cont.) (cont )

Through a process defined in the HDCP Adopters License, f C the Digital Content Protection LLC may determine that a set of Device Private Keys has been compromised. If so, it places the corresponding KSV on a revocation list that the HDCP Transmitter checks during authentication. The lists are signed with a DSA digital signature, which is meant to keep malicious users from revoking legitimate devices. Other authorized HDCP receivers are not affected by this revocation because they have different sets of Device Private keys. The HDCP Transmitter is required to manage system renewability messages (SRMs) carrying the KSV revocation list. list

III. III Key revocation (cont.) (cont )

III. III Key revocation (cont.) (cont )

The size of the First-Generation HDCP SRM will be limited to a maximum of 5kB. The actual size of the First Generation SRM is 5116 First-Generation bytes. For scalability of the SRM, the SRM format supports y , pp next-generation extensions. By supporting generations of SRMs, an HDCP SRM can, can if required in future grow beyond the 5kB limit to future, accommodate more KSVs. Next-generation extensions are appended to the g current-generation SRM in order to ensure backward compatibility with devices that support only previous g generation SRMs.

Flaws demonstrated by cryptanalysis Fl d t t db t l i

S. Crosby, etc. A Cryptanalysis of the High-Bandwidth Digital Content Protection System, Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management, DRM '01 pp: 192-200 2001 01, 192 200, 2001.

The flaw
HDCP uses a linear system for generating the shared secret. ApubBpri=Km=Km=BpubApri The flaw is that any device whose public key is a linear combination of public keys of other devices will, when assigned a p private key that's a similar linear y combination of the other devices private keys, successfully authenticate.

HDCP's linear key exchange is a fundamental weaknesses. eaknesses

Attackers can: Eavesdrop on any data p y Clone any device with only their public key Avoid any blacklist on devices Create new device key vectors vectors. In aggregate, can usurp the authority completely.

Idea to break
If we know:
Bpub & Bprii and Cpub &Cprii are legal device, device b b

Break
Assume:
We have the public and private keys from 40 devices B(i). We have enough p g private keys Bpri(i), whose public keys y ( ), p y span M (Z/256Z)40, the module generated by all public keys assigned by the central authority. All of these devices will successfully authenticate with A.

then
(Bpub + Cpub ) & (Bpri + Cpri ) are also valid k l lid keys

Proof: For any other valid device A, we have ApubBpri = BpubApri ApubCpri = CpubApri p p p p Therefore Apub(Bpri + Cpri ) = (Bpub + Cpub )Apri We can generate many other legal keys When we have 40 independent valid key pairs, we can generate ALL valid keys in the scheme!!!

As the subspace is 40 dimensional, a set of at most 40 keys will be enough. C Consider any d i C with Cpub M whose public k id device ith M, h bli key and private key are any non-zero linear combination of B(i)'s public and p () p private keys. y
Cpub = 40i=1(aiBpub(i)) Cpri = 40i=1(aiBpri(i))

Authenticate
Let A and C authenticate

Decryption
Thus, for any device C with Cpub M, we can decrypt any stream in O(402) work by rewriting Cpub as a linear combination of Bpub(i) (i).

When A and C authenticate

WeknowKshared(i)=Kshared(i) foralli becauseby assumption,B(i) ssuccessfullyauthenticatewithA. assumption B(i)'s successfully authenticate with A Therefore,Kshared =Kshared andthisauthentication succeeds.

Master key release

On Sep. 14, 2010, the Engadget website reported the release Sep 14 2010 of a possible genuine HDCP master key which can neutralize the key revocation feature of HDCP. It was not immediately clear who discovered the key or how they discovered it, though the discovery was announced via a Twitter update which linked to a Pastebin snippet containing the key and instructions on how to use it. Engadget said the attacker may have used the method proposed by Crosby in 2001 to retrieve the master key, although they cited a different researcher researcher. On Sep. 16, Intel confirmed that the code had been cracked. Intel has threatened legal action against anyone producing hardware to circumvent the HDCP possibly under the DMCA HDCP, DMCA. Devices to view HDCP signals are available in market, those Intel threatened to sue any illegal devices

Some of the 376 lines of HDCP master key code posted anonymously to the Internet.

References
HDCP, LLC., High-bandwidth Digital Content Protection (HDCP) System Revision 1.4, July 8, 2009 S Crosby, etc A Cryptanalysis of the High Bandwidth S. Crosby etc. A High-Bandwidth Digital Content Protection System, Revised Papers from the ACM CCS-8 Workshop on Security and Privacy in Digital Rights Management, DRM '01 pp: 192 200 Management 01, 192-200, 2001. Wikipedia, http://en.wikipedia.org/wiki/Highbandwidth_Digital_Content_Protection

Discussion Question
Are those content protection solutions useful for a company to protect the inhouse digital assets? Company product design diagrams Web documents etc

54

Software IP Protection
Merchants wish: the software will refuse to run when detecting access right violation

Software Intellectual Property protection

Problem: A normal software code (agent) running on a malicious host Software has to protect itself
Against copying (almost impossible) Against re-engineering A i t modification/tampering Against difi ti /t i

Software + access right info (e.g. registration number) i t ti b )

Customers C t machine

Use legal framework to protect: E R i t ti of software, serial nos., etc E.g Registration f ft i l t Sending of user information from execution platform (may or may not be legal) This is just a monitoring process. It has to combine with some other techniques
55 56

Framework
A malicious software code running on a normal host <Hacking>
The host has to perform monitoring, intrusion detection, and other security measures t d t ti d th it to minimize the damage by the malicious code

Defense against malicious host attacks: 1stt method - Software watermarking

Putting watermarks in the software g Mainly used to defense piracy Static watermarking Stat c ate a g
(e.g. constant table, diagrams, logos)

A normal software code ( l f d (agent) running on a ) i malicious host <Software Protection>

Software has to protect itself Against copying g py g Against re-engineering Against modification/tampering
57

Dynamic watermarking y g
Relatively new, not very common The watermark only appear after the program is executed (e.g. appear in the execution trace log)

Mainly to scare off piracy intention of the users Aims: fast, high data rate, hard to detect (normal steganography properties)
58

Attacks to Software watermarking g

A.k.a. dewatermarking techniques Additive attack: the hacker adds another watermark into the pirated software copy Distortive attack: the hacker transforms the pirated copy (something like obfuscation) to make the watermark unrecognizable Collusive Attack: the hacker obtains several copies of the software, and by comparing them, analyzing and removing the watermark y g g

The 2nd method : Registration Key g y

Requiring a legal user (buyer) to obtain a key
1. 1 By connecting software vendor (say via Internet) 2. Type in some information with the software purchased (e.g. the serial number) 3. Get a key (usually a long number) to use the software

The software will perform checking of this key (at the first ti fi t time to use the software, at start time of every use, t th ft t t t ti f or continuously) Cannot avoid the problem of a user releasing the registration key to others In some cases the tool to generate the key from cases, the serial number are known to hackers, and the hackers can generate as many as as they like g y y
60

59

An improvement of Registration Key method th d

A hardware token sold together with the software The software vendor site via Internet (may be problematic if Internet connection is not very reliable) Main concern in this improvement The hacker will re-engineer the software to bypass authentication checks th ti ti h k Therefore: we need tamper-proofing technology (Informally speaking: the software does not want the machine to inspect its execution)

Defense : the 3rd method Tamper-Proofing Hardware Token

Tamper-proofing Many approaches, the core idea is to refuse execution if the host environment seems hostile
Authentication with Hardware tokens Antidebugging Code encryption with decryption by software or hardware tokens

Mainly used to defense tampering Also used to defense dynamic analysis (analysis about the execution) of the program for reverse engineering purposes
62

61

Goals of Tamper-Proofing Hardware Token

As a convenient storage: keep the registration key in hardware A a defense t l t hackers As d f tool to h k Simply copying the software is not enough to create an illegal copy The hacker needs to either Copy (or clone) the hardware token Change the executable codes to bypass all hardware operations (require a lot of reverse engineering work)
63

Tamper proofing hardware tokens p p g

One common approach: perform copyright checking ( (I.e. authentication of a valid user) in various ) execution stages, using hardware tokens: Dongles: small hardware attached to I/O (serial/parallel/USB) port of a PC ( i l/ ll l/USB) t f Smartcards CD key disks (special disk with bad sector in specific locations) Attack to this approach: the hacker will change the machine instruction that perform hardware testing, to an unconditional j di i l jump to the code execution h d i The hacker may duplicate the hardware token (not so easy)
64

Token authentication
Code listing of s/w

Attack illustration
Machine instruction:

65

Code to test for existence of h/w token, online connection, etc k li i

Call hardware authentication test If (result is ok) goto code_execute Quit the program /* due to fail in h/w authentication */ p g No-op (no operation) If (1 == 1) goto code_execute t d t
66

Change to:

More complicate p p protection

Some of the machine codes are encrypted, and let the hardware token to perform decryption
More expensive H/W needed

Antidebugging gg g
The software search for the execution environment, if signature of some debugger or monitoring tools debugger monitoring tools exist, the software will kill itself Similar to the concept that the software is a hacking tool, and search for the signature of certain processes (e.g. check for active API calls/memory locations) [So this is hacking!!] If the software reports this situation by sending Internet messages, it is more lik stealing th i f i like t li the information f ti from the execution environment!!! [may not be legal in some cases] Another similar setting: the s/w tries to test whether it is running on a virtual machine simulator virtual simulator
68

Attack (more complicate) : replacing the encrypted codes with the decrypted codes.
This needs the decrypted codes to be discovered by tedious monitoring of the software execution

Note: the IP protection scheme is similar to p the operation of polymorphic viruses!!

67

The 4th method: Obfuscation

The make the software harder to read, so as to maximize the time to perform reverse engineering E.g. Java byte codes, machine instructions g y Used to maximize the reverse engineering time only. Cannot completely avoid reverse engineering E.g: code encryption with software The hacker has to trace along the program to discover where the key is stored (takes a long time, but still possible) Can be used together with registration key and/or hardware token 69

Obfuscation (2) ( )
Normal Practice Develop the software with normal Software Engineering practice (produce easily readable code) Use Obfuscation tools to modify different part of code systematically Example tool: SandMark (a long list of software Ob uscat o tools Obfuscation too s & watermarking too s) ate a g tools)
(www.cs.arizona.edu/sandmark/)

70

Example of Code obfuscation

Obfuscation Illustration

Original code

Obfuscated code

Source: Fig. 4 in Watermarking, Tamper-Proofing, and Obfuscation Tools for Software Protection, Collberg & g Thomborson, IEEE Transactions on Software Engineering, 28(8), p.735-746, August 2002
72

One Problem of Obfuscation

Obfuscation can be used by illegal companies to copy source code (e.g. a library) (e g One potential Solution : Software Dynamic Birthmarks Software Birthmarks Static birthmark one that can be extracted solely from the program source code Can be destroyed using obfuscation Dynamic birthmark th t is extracted when the program is executing. It that i t t d h th i ti relies on the run-time behavior of the program Cannot be destroyed by obfuscation
73

Software birthmarks
A software birthmark is a unique characteristic of a program that can be used to identify the program A relatively new th ft detection approach l ti l theft d t ti h

Dynamic birthmarks

Software IP Protection Remarks

Software Copyright protection technology involves Watermarking (I.e. information hiding) (I e Hacking & anti-hacking technologies Attack and defense techniques can be used in lawful or unlawful manner Current trend: instead of completely avoiding re reengineering, try to lengthen the time for the software to be re-engineered ( the cracked copy is available after g (if py one year, the financial loss is acceptable) A hot on-going research area

Still in research Existing approahes Mainly based on sequence of API calls i.e. try to match the API calls of two programs, to see h how similar th are i il they Research in CISC, Dept of CS, HKU S Study the objects in the dynamic heap i.e. try to match the objects created by two programs, t see how similar th are to h i il they Lets see the concrete results some time later

76

References
Disappearing Cryptography Information Hiding: Steganography & g y y g Watermarking, 2nd Edition, by P. Wayner, Morgan Kaufmann Publisher, 2002. To DVD or Not to DVD, by B. Simons, Communications of the ACM 42(5), p.31-32, May 1999 Broadcast Encryptions Bright Future, by Lotspiech, Nusser, & Pestoni, IEEE Computer, p.57-63, August 2002 Protecting Cryptographic Keys: The Trace and Revoke Approach, by Dalit Naor and Moni Naor IEEE Comp ter (J l 2003) 47 53 Naor, Computer (July 2003): 47-53 A set theoretic approach to broadcast encryption, by Thomas Martin, Technical Report RHULMA20055, Royal Holloway, University of London, London April 2005 (http://www rhul ac uk/mathematics/techreports) 2005. (http://www.rhul.ac.uk/mathematics/techreports) DVD Copy Protection: Take 2, by Tekla S. Perry, IEEE Spectrum, p. 38-39, Jan 2005. Watermarking, Tamper-Proofing, Watermarking Tamper-Proofing and Obfuscation Tools for Software Protection, by Collberg & Thomborson, IEEE Transactions on Software Engineering, 28(8), p.735-746, August 2002
77