Attacking an Obfuscated Cipher by Injecting Faults

  • Conference paper
Digital Rights Management (DRM 2002)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2696)

Abstract

We study the strength of certain obfuscation techniques used to protect software from reverse engineering and tampering. We show that some common obfuscation methods can be defeated using a fault injection attack, namely an attack where during program execution an attacker injects errors into the program environment. By observing how the program fails under certain errors the attacker can deduce the obfuscated information in the program code without having to unravel the obfuscation mechanism. We apply this technique to extract a secret key from a block cipher obfuscated using a commercial obfuscation tool and draw conclusions on preventing this weakness.

© 2003 Springer-Verlag Berlin Heidelberg

Cite this paper

Jacob, M., Boneh, D., Felten, E. (2003). Attacking an Obfuscated Cipher by Injecting Faults. In: Feigenbaum, J. (eds) Digital Rights Management. DRM 2002. Lecture Notes in Computer Science, vol 2696. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-44993-5_2

  • DOI: https://doi.org/10.1007/978-3-540-44993-5_2

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-40410-1

  • Online ISBN: 978-3-540-44993-5

  • eBook Packages: Springer Book Archive
