Architecture for tamperevident and tamperresistant. Hong qu modern information technology and education center, lanzhou jiaotong university, lanzhou, china email. The design of tamperresistant implementations requires astrong awareness of thepotential implementation weaknesses that can become security. The options are mutually exclusive and therefore only one hard or xists at. The measures involved can be passive such as obfuscation to make reverse engineering difficult or active tamper detection techniques which aim to make a program malfunction or not operate at all if modified. We also describe a variant implementation assuming an untrusted operating system.
Introduction xilinx has been at the forefront of providing fpga and systemonachip soc at solutions to its customers for many generations. The quintessential performance of antitamper technology is made possible through software watermarking and fingerprinting, encryption wrappers, hardwareassisted protections, and code obfuscation. The tamperresistant paper law doesnt apply to prescriptions delivered to the pharmacy by telephone, by electronic transmission, by fax or. Theft of service attacks on service providers satellite tv, electronic meters, access cards, software protection dongles access to information information recovery and extraction.
Developing tamper resistant designs with xilinx virtex6 and. System implementation and experiments future work 12. The employment of tamper resistant hardware module decreases the usability of strong authentication schemes as end. The module being protected or the host module can be an application program, a library either statically linked or dynamically loaded, an operating system or a device driver. Nevada m edicaid su ggests t hat prescribers contact their s uppliers regarding tamperresistant pads.
Pdf tamper resistant software by integritybased encryption. In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamper resilient and flexible manner. The aegis processor architecture for tamperevident and. Delayed and controlled failures in tamperresistant software gang tan. Design principles for tamperresistant smartcard processors. The paper then presents an architecture and implementation of tamper resistant software based on the principles described. The hardware implementation makes it resistant to software bugs, however, this level is not designed to be tamperresistant.
Common softwareprotection systems attempt to detect malicious observation and modification of protected applications. Our premise is that intelligent tampering attacks require knowledge of the program semantics, and this knowledge may be acquired through static analysis. Closely related to antitampering techniques are obfuscation techniques, which make code difficult to understand or analyze and therefore, challenging to modify meaningfully. Webpages tamperresistant products are mainly developed based on software 417. Strong authentication without tamperresistant hardware. Developing a secure computer system is not only a matter of design and prediction of possible issues and security breaches, it is very important to carefully design a software and make sure to secure as possible the inner implementation by use of some software engineering techniques as the encapsulation which reduces the exposure of code to. Tamper resistant prescription printing solutions plus. A tamper resistant approach that detects andor subvertscorrects the tampering actions in real time concurrently with the program execution is desirable.
Modeling and implementation 127 in section 3, we presenta graphbasedsecuritymodel forevaluating the strength of tts. Pharmacy commissionapproved tamperresistant prescription paper is widely available. Through small, armored code segments, referred to as integrity v eri. Extensive research has been devoted to the development of. This fact sheet contains updated information on a new law whose first phase of implementation went into effect april 1, 2008, and which requires that written prescriptions for covered outpatient drugs that are paid for by medicaid be executed on a tamperresistant prescription. The architecture consists of segment of code, called an integrity verification kernel, which is selfmodifying, selfdecrypting, and installation unique. Mechanism for software tamper resistance proceedings of the.
See the sample prescription form above for more prescription format information. In this paper, we present and explore a methodology that we believe can protect program integrity in a more tamperresilient and flexible manner. This document also provides guidance on various methods that can be employed to provide additional tamper resistance. Tamper resistant software through dynamic integrity checking ping wang.
What is needed, in this case, is tamper resistant software 2. Furthermore, ensure a complemen in the physical access control system to accept and process the tamper signal. Once preloaded,this software is inaccessible and unmodi. This will enable strong forms of software licensing and intellec. Tamperresistant software trs trs host tamper module detection tamper response. Starting insight corrupt the programs internal state. The measures involved can be passive such as obfuscation to make reverse engineering difficult or active tamperdetection techniques which aim to make a program malfunction or not operate at all if modified. Physical tamperresistant devices samir daoudis technical blog. Software tamperresistance mechanisms have increasingly assumed significance as a technique to prevent unintended uses of software. Design and implementation of automatic defensive websites. International workshop on security protocols, 1997. This paper addresses one aspect of software tamper resistanceprevention of static analysis of programs. In private and authenticated tamper resistant ptr environments,1 an additional requirement is that an adversary should be.
Method and arrangement for editing and displaying information. Such a response is designed to complicate attacks, but has also caused problems for developers and end users, particularly when bugs or other. Tamper resistant software through intent protection. With this application note, engineers can ensure that they are following at best practices to provide the highest level of protection of their fpga designs. This makes the code tamper resistant as the dual interpretation implies that a change in the code results in an unintentional change in the whitebox implementation. Making software tamper resistant is the challenge for software protection. Plus technologies in conjunction with a major printer vendor offers a solution to replace this expensive implementation with software that uses pantograph and microprint technologies to print tamper resistant prescriptions on plain paper. Tamperresistant prescription pads required april 1, 2008. Tamper resistance and hardware security partii security, computer laboratory, 03 february 2014 why do we need hardware security. Antitamper software or tamperresistant software is software which makes it harder for an attacker to modify it. Additionally, the adversary is unable to obtain any information about software or data by tampering with, or otherwise. The software tamperresistance technique presented in this paper is an application of whitebox cryptography in the sense that the.
Once the hacker gets the operating systems administrator privileges, destruction and illegal tampering will cannot be prevented. Software tamper resistance mechanisms have increasingly assumed significance as a technique to prevent unintended uses of software. If your current supplier is unable to provide tamper. Mechanism for software tamper resistance proceedings of. It is essentially tamper resistance implemented in the software domain. State of new mexico medical assistance program manual supplement. We create a mechanism, where code stored on disk or other media can be made so that it can only be executed, but cannot be read or modi. Anti tamper software or tamper resistant software is software which makes it harder for an attacker to modify it. Medicaid tamper resistant prescription law pharmacist fact sheet. The monitoring process must have some knowledge of the. We discuss an ultrasparc implementation in section iiia which leads into a generic implementation discussed in section.
The tamper resistant paper law doesnt apply to prescriptions delivered to the pharmacy by telephone, by electronic transmission, by fax or for inpatient care. Upon tamper detection, antihacking code may produce a crash or gradual failure, rendering the application unusable or troublesome. A secure and robust approach to software tamper resistance. The center for education and research in information assurance and security cerias is currently viewed as one of the worlds leading centers for research and education in areas of information security that are crucial to the protection of critical computing and communication infrastructure. To support copy and tamperresistant software, we propose a set of processor extensions, which are called xom, pronounced zom, an acronym for executeonly memory. Instead, in our system the trace collection and analysis software is preloadedbefore the raw data is gathered. It is the prescribers responsibility to use a ta mper resistant pad that meets the cms criteria. Otherwise, fax, phone call, or eprescribing should be.
Tamper resistance and hardware security partii security, computer laboratory, 03 february 2014. Tamper resistance mechanisms for secure embedded systems. The total size of the lookup tables is in the order of hundreds of kilobytes. Additionally, tamper and supervision input s must be available on the a intrusion systems reader interface units. These actions could include disabling the software, deleting the software, or making the software generate invalid results rendering it useless to the tampering adversary.
Physical reader security, tamper and supervisor features application note an0112, rev b. The paper then presents an architecture and implementation of tamper resistant software based on the principles. Distributed application tamper detection via continuous. The code runs on the main cpu, so a separate chip is not required. Section iii summarizes the facilities in modern generalpurpose processors which allow for our attack and details our implementation and results. Section 4 presents a test implementation and experimental results on spec benchmarks. Pharmacy commission tamper resistant prescription pad. Mobile agent applications have motivated much of the research in code protection overall and our work speci. Pl 11090 extended the implementation date of this law to begin effective april 1, 2008 this law essentially requires that when a practitioner gives a medicaid recipient a paper prescription, the prescription must be on tamper resistant paper. In this paper, the framework is extended to protect user space components in a multicore environment. The employment of tamperresistant hardware module decreases the usability of strong authentication schemes as end.
The quintessential performance of antitamper technology is made possible through software watermarking and fingerprinting, encryption wrappers, hardware. State of new mexico medical assistance program manual. Developing tamper resistant designs with xilinx virtex6. Tamper resistant software by integritybased encryption. Design and implementation of automatic defensive websites tamperresistant system jiuyuan huo modern information technology and education center, lanzhou jiaotong university, lanzhou, china email. In this paper, we present and explore a methodology. Software attacks use the normal communication interface of the processor and exploit security vulnerabilities found in the protocols, cryptographic algorithms, or their implementation. Delayed and controlled failures in tamperresistant software. Tamper resistant software through dynamic integrity.
The options are mutually exclusive and therefore only one hard or xists at one time. This makes the code tamper resistant as the dual interpretation implies that a change in the code results in an unin. Print tamper resistant prescriptions on plain paper. Authenticated environments such that any physical or software tampering by the adversary is guaranteed to be detected. Strong authentication without tamperresistant hardware and. The software tamper resistance technique presented in this paper is an application of whitebox cryptography in the sense that the technique makes the correct operation of the whitebox imple. Antitamper at is defined as the systems engineering and system security engineering activities intended to prevent andor delay exploitation of critical technologies in u. Pharmacy commissionapproved tamper resistant prescription paper is widely available. In its simplest incarnation, a tamperresistant software module resides in and protects another software module. Software tamper resistance through dynamic program.
Upon tamper detection, antihacking code may produce a crash or gradual failure. Anderson, editor, information hiding, pages 317333. This will enable strong forms of software licensing and intellectual property protection on portable as well as desktop computing systems. Common software protection systems attempt to detect malicious observation and modification of protected applications. The center for education and research in information assurance and security cerias is currently viewed as one of the worlds leading centers for research and education in areas of information and cyber security that are crucial to the protection of critical computing and communication infrastructure. Code modification is the main method for software piracy. At measures are developed and implement to protect critical program information cpi in u. The technique interprets the binary of software code as lookup tables, which are next incorporated into the collection of lookup tables of a whitebox implementation. Eavesdropping techniques monitor, with high time resolution, the analog characteristics of all supply and interface connections and any other. Tamper resistant software through dynamic integrity checking. This paper proposes one such antitamper methodology based on program monitoring.
228 1111 359 648 1045 1376 78 451 783 1428 1484 155 272 879 1124 923 802 742 510 406 445 779 27 755 65 384 758 40 519 754 1071 1127 620 641 1218 755 816 247 1219 1092 1283 705 1022 879 1236 1056 1011