Patent Application
20080229115
The technical field relates generally to computer processing and more specifically to obfuscation of software functionality.
It is not uncommon for a software developer to utilize a third party, or parties, to help develop software and update existing software. It also is not uncommon for the software developer to desire that the software be protected from reverse engineering, hacking, or the like. A dilemma however, is how to protect the software while allowing third parties access to the software.
This Summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description Of Illustrative Embodiments. This Summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter.
Functionality of, and access to, software is selectively controlled. An executable file is generated such that functions of the file can be selectively executed. In an example embodiment, portions of the file corresponding to specific functions are protected by respective cryptographic techniques. Users can access the file and execute selected functions of the file in accordance with the cryptographic techniques. To invoke functionality, a user can provide an authentication token, cryptographic key, or the like, via a storage device, such as a smart card.
The foregoing summary, as well as the following detailed description, is better understood when read in conjunction with the appended drawings. For the purpose of illustrating the provision of functionality via obfuscated software, there is shown in the drawings exemplary constructions thereof, however, providing functionality via obfuscated software is not limited to the specific methods and instrumentalities disclosed.
Functions provided by a software file (e.g., executable file) can be selectively executed via cryptographic techniques. In an example embodiment, software pertaining to specific functionality is encrypted utilizing a cryptographic key. The encrypted software forms an obfuscated executable portion of an obfuscated binary file. The executable portion can contain data as well as executable code. The obfuscated executable portion can contain multiple encrypted portions, each being encrypted with the same cryptographic key (or with various combinations of cryptographic keys), and each, upon decryption, capable of providing a respective functionality. The obfuscated executable portion also can contain non-obfuscated portions that can successfully be executed without utilizing a cryptographic key. The cryptographic key and other information are combined and encrypted utilizing a public key of a public/private cryptographic key pair. The encrypted combination and the obfuscated executable portion form an obfuscated binary file. In an example embodiment, the obfuscated binary file is stored for subsequent access. The obfuscated binary file can be stored in any appropriate storage means, such as semiconductor memory, magnetic disk, optical memory, flash memory, or the like, for example. The private key of the cryptographic key pair is stored on an external device, such as a smart card or the like. Multiple, different, public key/private key pairs can be utilized for multiple users. When a user wants to invoke the obfuscated functionality portion of the binary file, the user provides the private key to the processor via the storage device. The private key is retrieved and is utilized to decrypt the appropriate portion of the obfuscated binary file. The cryptographic key obtained therefrom is utilized to decrypt the encrypted portion, or portions, of the obfuscated executable. In various embodiments, multiple cryptographic keys can be utilized, for example, to further encrypt cryptographic keys.
As explained in more detail below, the cryptographic key, K1, can optionally be combined with information relating to the software functionality, or functionalities, and the combination is encrypted with a public key of a public/private key pair to generate the encrypted index 14. The encrypted index 14 and the obfuscated executable portion 12 are combined to form the obfuscated binary file 15. Also, as illustrated in
When a user wants to invoke the functionality of a software functionality, or functionalities, in the obfuscated executable file stored in the entity 16, the user provides the private key on the external storage device 18. The entity 16 on which the obfuscated executable file is stored will decrypt the encrypted index utilizing the private key provided by the external storage device 18. The cryptographic key (e.g., K1) obtained from the decrypted index is used to decrypt the encrypted software functionality. The decrypted functionality is then available for execution.
Optionally, additional information can be encrypted utilizing the public key, at step 22. The additional information can include the public key, information pertaining to the software functionality (e.g., name of functionality, author of functionality, functionality size), salt (a random number of predetermined length), a hash value indicative of the data being encrypted with the public key, or a combination thereof. A hash value of the data is the result of operating on the data with a hash function. Hash functions are known in the art. A hash function is a function that transforms a variable-size input into a fixed size value. Typically, hash functions are one way, meaning that it is impracticable or impossible to determine the input value from the output (transformed) value. Providing the same input to a hash function will provide the same output. A slight change in the input typically results in a considerable change in the output. Thus, at step 22, the cryptographic key can be combined with the optional, additional information, and the combination is encrypted to form an encrypted index utilizing the public key of a public/private key pair.
At step 24, it is determined if more software functionalities are to be encrypted. If another software functionality is to be encrypted (step 24), it is determined at step 26 if another cryptographic key is to be utilized to encrypt the software functionality. If another cryptographic key is to be utilized to encrypt the next software functionality, the current cryptographic key, K, is replaced with the new cryptographic key at step 28. At step 30, it is determined if another public/private key pair is to be utilized to encrypt the cryptographic key, K, and optional additional information. If another public/private key pair is to be utilized to encrypt the cryptographic key, K, and optional additional information, the current public/private key pair is replaced with the new public/private key pair at step 32. The process proceeds to step 20 and continues as described above. If, at step 26, it is determined that another cryptographic key, K, is not to be utilized, but rather, the current cryptographic key, K, is to be utilized, the process proceeds directly to step 30, skipping step 28. If, at step 30, it is determined that another public/private key pair is not to be utilized, but rather, the current public/private key pair is to be utilized, the process proceeds directly to step 20.
If, at step 24, it is determined that there are no more software functionalities to be encrypted, an obfuscated file is formed at step 34. As described above, the obfuscated file comprises the encrypted software functionality, or functionalities, generated at step 20, and the encrypted cryptographic key, K, and any additional optional information, generated at step 22. At step 36, the private key, or keys, of the respective public key, or keys, are stored on an external storage device, such as a smart card or the like. At step 38, the obfuscated file is stored on a processor, a storage device, or the like.
An indication to invoke functionality occurs at step 40. This could occur at runtime, for example, when an application or user wants to execute an encrypted functionality to invoke its functionality. It is determined, at step 42 if the private key corresponding to the public key of the public/private key pair, needed to decrypt the obfuscated file has been provided. If the public key has not been provide (step 42), an authentication prompt is provided at step 44. The authentication prompt can comprise any appropriated means for requesting the private key, such as a prompt rendered on a display instructing a user to insert a smart card, for example. At step 46, the private key is retrieved, e.g., via insertion of a smart card into the processor hosting the obfuscated software. The user could, at this point, optionally fulfill an authorization requirement, such as entering a password or the like, to allow access to the external storage device.
The private key is utilized to decrypt the appropriate portion of the obfuscated file at step 48. In an example embodiment, the appropriate portion comprises the public-key-encrypted cryptographic key (e.g., cryptographic key, K, in
The processing portion 54 is capable of generating and/or executing obfuscated software as described above. For example, the processing portion 54 is capable of defining and encrypting a software functionality with a cryptographic key, encrypting a cryptographic key with a public key, encrypting a public key with a public key, encrypting information related to a software functionality with a public key, encrypting salt with a public key, encrypting a hash value with a public key, calculating a hash value, decrypting an encrypted cryptographic key with a private key, decrypting an encrypted private key with a private key, decrypting encrypted information related to a software functionality with a private key, decrypting an encrypted salt with a private key, decrypting an encrypted hash value with a private key, determining if another software functionality is to be encrypted, determining if another cryptographic key is to be used to encrypt a software functionality, replacing a current cryptographic key with a new cryptographic key, determining if another public/private key pair is to be utilized, replacing a current public/private key pair with a new public/private key pair, comparing hash values, retrieving a private key, generating an authentication prompt, and executing a decrypted software functionality.
The processor 52 can be implemented as a client processor and/or a server processor. In a basic configuration, the processor 52 can include at least one processing portion 54 and memory portion 56. The memory portion 56 can store any information utilized in conjunction with generating and/or executing obfuscated software. Depending upon the exact configuration and type of processor, the memory portion 56 can be volatile (such as RAM) 60, non-volatile (such as ROM, flash memory, etc.) 62, or a combination thereof. The processor 52 can have additional features/functionality. For example, the processor 52 can include additional storage (removable storage 64 and/or non-removable storage 66) including, but not limited to, magnetic or optical disks, tape, flash, smart cards or a combination thereof. Computer storage media, such as memory portion 56, 60, 62, 64, and 66, include volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules, or other data. Computer storage media include, but are not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CD-ROM, digital versatile disks (DVD) or other optical storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, universal serial bus (USB) compatible memory, smart cards, or any other medium which can be used to store the desired information and which can be accessed by the processor 52. Any such computer storage media can be part of the processor 52.
The processor 52 can also contain communications connection(s) 72 that allow the processor 52 to communicate with other devices, for example. Communications connection(s) 72 is an example of communication media. Communication media typically embody computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism and includes any information delivery media. The term “modulated data signal” means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared and other wireless media. The term computer readable media as used herein includes both storage media and communication media. The processor 52 also can have input device(s) 70 such as keyboard, mouse, pen, voice input device, touch input device, etc. Output device(s) 68 such as a display, speakers, printer, etc. also can be included.
A computer system can be roughly divided into three component groups: the hardware component, the hardware/software interface system component, and the applications programs component (also referred to as the “user component” or “software component”). In various embodiments of a computer system the hardware component may comprise the central processing unit (CPU) 521, the memory (both ROM 564 and RAM 525), the basic input/output system (BIOS) 566, and various input/output (I/O) devices such as a keyboard 540, a mouse 542, a monitor 547, and/or a printer (not shown), among other things. The hardware component comprises the basic physical infrastructure for the computer system.
The applications programs component comprises various software programs including but not limited to compilers, database systems, word processors, business programs, videogames, and so forth. Application programs provide the means by which computer resources are utilized to solve problems, provide solutions, and process data for various users (machines, other computer systems, and/or end-users). In an example embodiment, application programs perform the functions associated with generating and/or executing obfuscated software as described above.
The hardware/software interface system component comprises (and, in some embodiments, may solely consist of) an operating system that itself comprises, in most cases, a shell and a kernel. An “operating system” (OS) is a special program that acts as an intermediary between application programs and computer hardware. The hardware/software interface system component may also comprise a virtual machine manager (VMM), a Common Language Runtime (CLR) or its functional equivalent, a Java Virtual Machine (JVM) or its functional equivalent, or other such software components in the place of or in addition to the operating system in a computer system. A purpose of a hardware/software interface system is to provide an environment in which a user can execute application programs.
The hardware/software interface system is generally loaded into a computer system at startup and thereafter manages all of the application programs in the computer system. The application programs interact with the hardware/software interface system by requesting services via an application program interface (API). Some application programs enable end-users to interact with the hardware/software interface system via a user interface such as a command language or a graphical user interface (GUI).
A hardware/software interface system traditionally performs a variety of services for applications. In a multitasking hardware/software interface system where multiple programs may be running at the same time, the hardware/software interface system determines which applications should run in what order and how much time should be allowed for each application before switching to another application for a turn. The hardware/software interface system also manages the sharing of internal memory among multiple applications, and handles input and output to and from attached hardware devices such as hard disks, printers, and dial-up ports. The hardware/software interface system also sends messages to each application (and, in certain case, to the end-user) regarding the status of operations and any errors that may have occurred. The hardware/software interface system can also offload the management of batch jobs (e.g., printing) so that the initiating application is freed from this work and can resume other processing and/or operations. On computers that can provide parallel processing, a hardware/software interface system also manages dividing a program so that it runs on more than one processor at a time.
A hardware/software interface system shell (referred to as a “shell”) is an interactive end-user interface to a hardware/software interface system. (A shell may also be referred to as a “command interpreter” or, in an operating system, as an “operating system shell”). A shell is the outer layer of a hardware/software interface system that is directly accessible by application programs and/or end-users. In contrast to a shell, a kernel is a hardware/software interface system's innermost layer that interacts directly with the hardware components.
As shown in
A number of program modules can be stored on the hard disk, magnetic disk 529, optical disk 531, ROM 564, or RAM 525, including an operating system 535, one or more application programs 536, other program modules 537, and program data 538. A user may enter commands and information into the computing device 560 through input devices such as a keyboard 540 and pointing device 542 (e.g., mouse). Other input devices (not shown) may include a microphone, joystick, game pad, satellite disk, scanner, or the like. These and other input devices are often connected to the processing unit 521 through a serial port interface 546 that is coupled to the system bus, but may be connected by other interfaces, such as a parallel port, game port, or universal serial bus (USB). A monitor 547 or other type of display device is also connected to the system bus 523 via an interface, such as a video adapter 548. In addition to the monitor 547, computing devices typically include other peripheral output devices (not shown), such as speakers and printers. The exemplary environment of
The computing device 560 may operate in a networked environment using logical connections to one or more remote computers, such as a remote computer 549. The remote computer 549 may be another computing device (e.g., personal computer), a server, a router, a network PC, a peer device, or other common network node, and typically includes many or all of the elements described above relative to the computing device 560, although only a memory storage device 550 (floppy drive) has been illustrated in
When used in a LAN networking environment, the computing device 560 is connected to the LAN 551 through a network interface or adapter 553. When used in a WAN networking environment, the computing device 560 can include a modem 554 or other means for establishing communications over the wide area network 552, such as the Internet. The modem 554, which may be internal or external, is connected to the system bus 523 via the serial port interface 546. In a networked environment, program modules depicted relative to the computing device 560, or portions thereof, may be stored in the remote memory storage device. It will be appreciated that the network connections shown are exemplary and other means of establishing a communications link between the computers may be used.
While it is envisioned that numerous embodiments of the provision of functionality via obfuscated software are particularly well-suited for computerized systems, nothing in this document is intended to limit the invention to such embodiments. On the contrary, as used herein the term “computer system” is intended to encompass any and all devices capable of storing and processing information and/or capable of using the stored information to control the behavior or execution of the device itself, regardless of whether such devices are electronic, mechanical, logical, or virtual in nature.
The various techniques described herein can be implemented in connection with hardware or software or, where appropriate, with a combination of both. Thus, the methods and apparatuses for implementing the provision of functionality via obfuscated software, or certain aspects or portions thereof, can take the form of program code (i.e., instructions) embodied in tangible media, such as floppy diskettes, CD-ROMs, hard drives, or any other machine-readable storage medium, wherein, when the program code is loaded into and executed by a machine, such as a computer, the machine becomes an apparatus for providing functionality via obfuscated software.
The program(s) can be implemented in assembly or machine language, if desired. In any case, the language can be a compiled or interpreted language, and combined with hardware implementations. The methods and apparatuses for implementing the provision of functionality via obfuscated software also can be practiced via communications embodied in the form of program code that is transmitted over some transmission medium, such as over electrical wiring or cabling, through fiber optics, or via any other form of transmission, wherein, when the program code is received and loaded into and executed by a machine, such as an EPROM, a gate array, a programmable logic device (PLD), a client computer, or the like. When implemented on a general-purpose processor, the program code combines with the processor to provide a unique apparatus that operates to invoke the functionality of the provision of functionality via obfuscated software. Additionally, any storage techniques used in connection with the provision of functionality via obfuscated software can invariably be a combination of hardware and software.
While providing functionality via obfuscated software has been described in connection with the example embodiments of the various figures, it is to be understood that other similar embodiments can be used or modifications and additions can be made to the described embodiments for performing the same functions of providing functionality via obfuscated software without deviating therefrom. Therefore, the provision of functionality via obfuscated software as described herein should not be limited to any single embodiment, but rather should be construed in breadth and scope in accordance with the appended claims.
