Abstract
Software tamper resistence and disabling device cryptograghically are investigated via run-time result checking of computations. The device needs to receive a new cryptograghic key after each pre-set period of time in order to continue function. The software execution integrity is checked by the authority when deciding whether or not to give out a new key. If the modification of the software execution causes an error in the computational result, it can always be detected and the device can be disabled cryptograghically by not given a new key. The detection is done via a run-time result checking using a certificate-based technique. Certificate-based techniques for run-time result verification are designed to support a secondary checker computation of a result by the authority by using the same input together with a special output, namely, the certificate, utilized by the primary computation in the device. We have designed the properties in the formal definition that the certificate design needs to satisfy in order to allow the result be checked in a provably "fool-proof" manner. The checker computation is done by the authority after the certificate is returned from the device. Since the checker algorithm is only known to the authority, not anybody else, it is hard for the hacker to forge the right information to be included in the certificate to fool the checker.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bright, J., Sullivan, G.F., Masson, G.M.: A Formally Verified Sorting Certifier. IEEE Trans. Computers 46 (1997)
Jin, H., Sullivan, G.F., Masson, G.M.: Approximate correctness checking of computational results. IEEE Transaction on Reliability, 338–350
Chen, L., Avizienis, A.: N-version programming: a fault tolerant approach to reliability of software operation. In: Chen, L., Avizienis, A. (eds.) Digest of the 1978 Fault Tolerant Computing Symposium, pp. 3–9. IEEE Computer Society Press, Los Alamitos (1978)
Avizienis, A., Kelly, J.: Fault tolerance by design diversity: concepts and experiments. Computer 17, 67–80 (1984)
Avizienis, A.: The N-version approach to fault tolerant software. IEEE Trans. on Software Engineering 11, 1491–1501 (1985)
Anderson, T., Lee, P.: Fault tolerance: principles and practices. Prentice-Hall, Englewood Cliffs (1981)
Blum, M., Kannan, S.: Designing programs that check their work. In: Proceedings of the 1989 ACM Symposium on Theory of Computing, pp. 86–97. ACM Press, New York (1989)
Blum, M., Kannan, S.: Designing Programs that Check Their Work. Journal of ACM 42(1), 269–291 (1995); In: Proceedings of the 1989 ACM Symposium on Theory of Computing, pp. 86–97. ACM Press, New York (1989)
Blum, M., Luby, M., Rubinfeld, R.: Self-Testing/Correcting with Applications to Numerical Problems. In: Proc. 22 ACM Symp. of Theory of Computing, pp. 73–83 (1990)
Yao, A.C.-C.: Coherent Functions and Program Checkers. In: Proc. 22 ACM Symp. of Theory of Computing, pp. 84–94 (1990)
Blum, M., Evans, W., Gemmell, P., Kannan, S., Naor, M.: Checking the Correctness of Memories. In: Proc. 32nd IEEE Symp. on Foundations of Computer Science, pp. 90–99 (1991)
Babai, L., Fortnow, L., Levin, L.A., Szegedy, M.: Checking Computations in Polylogarithmic Time. In: Proc. 23 ACM Symp. of Theory of Computing, pp. 21–31
Gemmell, P., Lipton, R., Rubinfeld, R., Sudan, M., Wigderson, A.: Self-Testing/Correcting for Polynomials and for Approximate Functions. In: Proc. 23 ACM Symp. of Theory of Computing, pp. 32–42
Tarjan, R.E.: Applications of path compression on balanced trees. J. ACM, 690–715 (October 1979)
Siewiorek, D., Swarz, R.: The theory and practice of reliable design. Digital Press, Bedford (1982)
Johnson, B.: Design and analysis of fault tolerant digital systems. Addison-Wesley, Reading (1989)
Blum, M., Wasserman, H.: Reflections on the pentium bug. IEEE Trans. Computers 45, 385–394–847 (1996)
Blum, M., Wasserman, H.: Program result checking: a theory of testing meets a test of theory. In: Proceedings of 35th Foundations of Computer Science Conference, pp. 382–392 (1994)
Geist, A., Beguelin, A., Dongarra, J., Jiang, W., Manchek, R., Sunderam, V.: PVM – parallel virtual machine: a users’ guide and tutorial for networked parallel computing. M.I.T. Press, Cambridge (1994)
Carriero, N., Gelernter, D.: How to write parallel program: a first course. M.I.T. Press, Cambridge (1992)
Gropp, W., Lusk, E., Skjellum, A.: Using MPI: portable parallel programming with the message passing interface. M.I.T. Press, Cambridge (1994)
Miller, M., Drexler, K.: Markets and Computation: Agoric Open Systems. In: Huberman, B.A. (ed.) The Ecology of Computation, pp. 133–205. North-Holland, Amsterdam (1988)
Lawler, E.L., Lenstra, J.K., Rinnooy Kan, A.H.G., Shmoys, D.B.: The Traveling Salesman Problem. John Wiley and Sons Ltd., Chichester (1985)
Carpaneto, G., DellAmico, M., Toth, P.: Exact Solution of Large-Scale Asymmetric Traveling Salesman Problems. ACM Transactions on Mathematical Software 21(4), 394–409 (1995)
Syslo, M.M., Deo, N., Kowalik, J.S.: Discrete Optimization Algorithms: with Pascal Programs. Prentice-Hall, Englewood Cliffs (1983)
Martello, S., Toth, P.: Algorithm 632: A Program for the 0–1 Multiple Knapsack Problem. ACM Transactions on Mathematical Software 11(2), 135–140 (1985)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jin, H., Sullivan, G.F., Masson, G.M. (2003). Software Tamper Resistance Using Program Certificates. In: Anderson, S., Felici, M., Littlewood, B. (eds) Computer Safety, Reliability, and Security. SAFECOMP 2003. Lecture Notes in Computer Science, vol 2788. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39878-3_12
Download citation
DOI: https://doi.org/10.1007/978-3-540-39878-3_12
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20126-7
Online ISBN: 978-3-540-39878-3
eBook Packages: Springer Book Archive