
Tamper Resistant Software

An Implementation

By David Aucsmith, IAL

“This paper describes a technology for the construction of tamper resistant software.”

Presented by Weimin Yang, 28 March 2001

Contents

Overview

Threat Model

Design Principles

Tamper Resistant Software Architecture

– Integrity Verification Kernel
– Interlocking Trust

Overview

Definition: “Tamper resistant software is software which is resistant to observation and modification.”

Approach to developing tamper resistant software:

– Classify the threat model
– Develop design principles
– Implement a set of tools

Threat Model (I)

Attack originates outside of the PC.

– Bounded by the communication protocol
– Standard “hacker attack”.
– Best defended by correctly designed and implemented protocols and proper administration.

Threat Model (II)

Attack originates as software running on the platform.

– Bounded by operating system and BIOS
– Tries to attack classes of software
– Virus or Trojan horse attack

Threat Model (III)

The perpetrator has complete control of the platform.

– Limited only by technical expertise and financial resources.
– Defense: raise a technological bar so that the attack yields a poor return on the attacker's investment.

Technological Bars to Model (III)

a.) Use standard debuggers and system diagnostic tools

b.) Use special debuggers such as SoftICE

c.) Use processor emulators and bus logic analyzers

Design Principles

Software that is to be tamper resistant must be immune from observation and modification. This requires that it contain a secret component and that recovery of that secret be difficult.

Integrity Verification Kernel

“A small, armored segment of code which is designed to be included in a larger program and performs the following two functions:”

1. Verifies the integrity of code segments or programs.

2. Utilizes five defenses:

– Interleaved tasks
– Distributed secrets
– Obfuscated code
– Installation unique modifications
– Non-deterministic behavior

Installation unique modifications

The IVK is constructed at installation time.

– Each instance of the program contains a different IVK.
– Defends against class attacks.
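The two IVK functions listed on the preceding slides (verify code segments; be unique per installation) and the class-attack question at the end of the deck can be modelled in a few lines. The following is an added toy example, not code from the paper or from this presentation: code segments are plain byte strings constructed here, and HMAC-SHA256 keyed with a per-installation secret stands in for the paper's hidden-secret digest (that choice is an assumption; the real IVK is obfuscated native code and its digest construction is not described on these slides).

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass, field
from typing import Optional

# Constructed stand-in for the code segments a program is made of.
# A real IVK would hash machine code in memory; here the "segments" are plain bytes.
SAMPLE_SEGMENTS = {
    "startup":       b"\x55\x48\x89\xe5\x48\x83\xec\x10",
    "license_check": b"\x31\xc0\x3d\x01\x00\x00\x00\x74\x05",
    "main_loop":     b"\x48\x8b\x45\xf8\x48\xff\xc0\xeb\xf4",
}


@dataclass(frozen=True)
class IVKInstance:
    """State of one installation's verification kernel (toy model)."""
    install_key: bytes                             # installation-unique secret
    expected: dict = field(default_factory=dict)   # segment name -> keyed digest


def keyed_digest(key: bytes, code: bytes) -> bytes:
    # HMAC-SHA256 is an assumption standing in for the paper's secret-dependent digest.
    return hmac.new(key, code, hashlib.sha256).digest()


def build_ivk(segments: dict, install_key: Optional[bytes] = None) -> IVKInstance:
    """Installation time: draw a fresh secret and record a digest for every segment."""
    if install_key is None:
        install_key = secrets.token_bytes(32)
    expected = {name: keyed_digest(install_key, code) for name, code in segments.items()}
    return IVKInstance(install_key, expected)


def verify(ivk: IVKInstance, segments: dict) -> list:
    """Run time: return the names of segments that no longer match their recorded digest."""
    tampered = []
    for name, want in ivk.expected.items():
        code = segments.get(name)
        if code is None or not hmac.compare_digest(keyed_digest(ivk.install_key, code), want):
            tampered.append(name)
    return tampered


def patch(segments: dict, name: str, offset: int, new_bytes: bytes) -> dict:
    """Return a copy of the segments with one byte range overwritten (simulated tampering)."""
    patched = dict(segments)
    code = bytearray(patched[name])
    code[offset:offset + len(new_bytes)] = new_bytes
    patched[name] = bytes(code)
    return patched


def class_attack_outcome() -> tuple:
    """Model the slide's class-attack argument.

    An adversary who has fully analysed installation A knows A's key and can
    recompute A's digest table for a modified segment, so A's IVK accepts it.
    Replaying the same modification and digest table against installation B
    fails, because B's IVK was built with a different key.
    Returns (A_detects_tamper, B_detects_tamper).
    """
    ivk_a = build_ivk(SAMPLE_SEGMENTS)
    ivk_b = build_ivk(SAMPLE_SEGMENTS)

    # Simulated tamper: two bytes of license_check overwritten (constructed values).
    patched = patch(SAMPLE_SEGMENTS, "license_check", 7, b"\xeb\x05")

    # Digest table rebuilt with A's recovered key.
    forged = dict(ivk_a.expected)
    forged["license_check"] = keyed_digest(ivk_a.install_key, patched["license_check"])

    ivk_a_forged = IVKInstance(ivk_a.install_key, forged)
    ivk_b_forged = IVKInstance(ivk_b.install_key, forged)   # same table, B's key

    return (verify(ivk_a_forged, patched) != [], verify(ivk_b_forged, patched) != [])
```

`class_attack_outcome()` returns `(False, True)`: the analysed installation no longer detects the change, but every other installation does, which is the whole point of the "installation unique modifications" defense. Only the per-installation key differs between the two instances here; the paper additionally varies the IVK code itself, which this model does not attempt.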

Interlocking Trust

Integrity Verification Kernels

System Integrity Program

– A program that monitors the integrity of the security components of the computer system.
– Contains an eIVK which has a known entry point
– Created at installation time

Integrity Verification Protocol

– Used to establish a distributed trust environment.

System overview

(Figure: Program 1 and Program 2, each containing an IVK; the Integrity Program, containing an eIVK and an IVK; exchanges labelled 1a, 1b, 1c and 2a, 2b, 2c between them.)

Conclusion

Based on an analysis of the threat model, the author devises an Integrity Verification Kernel which hides its secrets both in space and in time. Furthermore, the interlocking mechanism makes those secrets more difficult to discover.

Why can installation unique modifications be used to defend against class attacks?

- An attacker may successfully analyse a given instance of the program but still cannot predict what any other instance looks like.