RESEARCH PRODUCT
System for Executing Encrypted Native Programs
Amit Resh, Michael Kiperberg, Roee Leon, Nezer Zaidenberg
subject
cyber-security, trusted computing, hypervisor, attestation
description
An important aspect of protecting software from attack, theft of algorithms, or illegal software use is eliminating the possibility of performing reverse engineering. One common method to deal with these issues is code obfuscation. However, in most cases it was shown to be ineffective. Code encryption is a much more effective means of defying reverse engineering, but it requires managing a secret key available to none but the permissible users. The authors propose a new and innovative solution. Critical functions in protected software are encrypted using well-known encryption algorithms. Following verification by external attestation, a thin hypervisor is used as the basis of an eco-system that manages just-in-time decryption, inside the CPU, where decrypted instructions are then executed and finally discarded, while keeping the secret key and the decrypted instructions absolutely safe. The paper presents and compares two methodologies that perform just-in-time decryption: in-place and buffered execution. The former is safer, while the latter boasts better performance.
peerReviewed
year | journal | country | edition | language |
---|---|---|---|---|
2017-01-01 | | | | |