-
1.发明申请METHOD AND APPARATUS FOR COMPUTER CODE OBFUSCATION AND DEOBFUSCATION USING BOOT INSTALLATION 有权使用引导安装的计算机代码创建和解密的方法和装置公开(公告)号:US20120221864A1
公开(公告)日:2012-08-30
申请号:US13434619
申请日:2012-03-29
CPC分类号: G06F21/14 , G06F21/577
摘要: In the field of computer software, obfuscation techniques for enhancing software security are applied to compiled (object) software code. The obfuscation results here in different versions (instances) of the obfuscated code being provided to different installations (recipient computing devices). The complementary code execution uses a boot loader or boot installer-type program at each installation which contains the requisite logic. Typically, the obfuscation results in a different instance of the obfuscated code for each intended installation (recipient) but each instance being semantically equivalent to the others. This is accomplished in one version by generating a random value or other parameter during the obfuscation process, and using the value to select a particular version of the obfuscating process, and then communicating the value along with boot loader or installer program software.
摘要翻译: 在计算机软件领域,用于增强软件安全性的混淆技术应用于编译(对象)软件代码。 这里的混淆结果在不同版本(实例)的混淆代码提供给不同的安装(收件人计算设备)。 互补代码执行在每个安装时使用引导加载程序或引导安装程序类型程序,其中包含必需的逻辑。 通常,混淆导致每个预期安装(接收者)的混淆代码的不同实例,但每个实例在语义上等同于其他安装。 这在一个版本中通过在混淆过程中产生随机值或其他参数来实现,并且使用该值来选择混淆过程的特定版本,然后与引导加载程序或安装程序软件一起传送该值。
-
公开(公告)号:US20090235089A1
公开(公告)日:2009-09-17
申请号:US12047207
申请日:2008-03-12
IPC分类号: G06F21/00
CPC分类号: G06F21/14 , G06F21/577
摘要: In the field of computer software, obfuscation techniques for enhancing software security are applied to compiled (object) software code. The obfuscation results here in different versions (instances) of the obfuscated code being provided to different installations (recipient computing devices). The complementary code execution uses a boot loader or boot installer-type program at each installation which contains the requisite logic. Typically, the obfuscation results in a different instance of the obfuscated code for each intended installation (recipient) but each instance being semantically equivalent to the others. This is accomplished in one version by generating a random value or other parameter during the obfuscation process, and using the value to select a particular version of the obfuscating process, and then communicating the value along with boot loader or installer program software. This boot loader then selects which particular process to use for the code execution at the time of installation in accordance with the value. This results in different versions of the obfuscated code being provided to each recipient installation, which further enhances security of the code against reverse engineering by hackers.
摘要翻译: 在计算机软件领域,用于增强软件安全性的混淆技术应用于编译(对象)软件代码。 这里的混淆结果在不同版本(实例)的混淆代码提供给不同的安装(收件人计算设备)。 互补代码执行在每个安装时使用引导加载程序或引导安装程序类型程序,其中包含必需的逻辑。 通常,混淆导致每个预期安装(接收者)的混淆代码的不同实例,但每个实例在语义上等同于其他安装。 这在一个版本中通过在混淆过程中产生随机值或其他参数来实现,并且使用该值来选择混淆过程的特定版本,然后与引导加载程序或安装程序软件一起传送该值。 然后,该引导加载程序根据该值选择在安装时用于执行代码的特定进程。 这导致了向每个接收方安装提供了不同版本的混淆代码,这进一步增强了代码的安全性,防止了黑客的反向工程。
-
3.发明申请公开(公告)号:US20130067212A1
公开(公告)日:2013-03-14
申请号:US13232853
申请日:2011-09-14
IPC分类号: H04L9/00
CPC分类号: H04L9/0631 , H04L2209/12
摘要: In the field of computer enabled cryptography, such as a keyed block cipher having a plurality of sequenced rounds, the cipher is hardened against an attack by a protection process which adds rounds to the cipher process. This is especially advantageous in a “White Box” environment where an attacker has full access to the cipher algorithm (process), including the algorithm's internal state during its execution. In one version, a specific number of rounds are added over those of a standard version of the cipher to both encryption and the complementary decryption. The added rounds are inserted immediately after the last of the standard rounds in the sequence. In another version, the added rounds are one or more opposing paired rounds of encryption/decryption or decryption/encryption which effectively cancel each other out, and may be inserted anywhere in the sequence of standard rounds.
摘要翻译: 在计算机启用密码学领域,例如具有多个排序轮次的密钥分组密码,密码被针对加密进程加密的保护过程的攻击强化。 这在白盒环境中特别有利,在这种情况下,攻击者可以完全访问密码算法(进程),包括算法执行过程中的内部状态。 在一个版本中,将特定数量的回合相对于密码的标准版本的加法加密和互补解密相加。 添加的回合将在序列中的最后一个标准回合之后立即插入。 在另一个版本中,添加的回合是一个或多个相对配对的加密/解密或解密/加密,其有效地彼此抵消,并且可以插入到标准轮次的任何地方。
-
公开(公告)号:US20130014267A1
公开(公告)日:2013-01-10
申请号:US13178383
申请日:2011-07-07
IPC分类号: G06F21/00
CPC分类号: H04L63/0428 , G06F21/14 , H04L69/03
摘要: In the field of computer science, communications protocols (such as computer network protocols) are hardened (secured) against reverse engineering attacks by hackers using a software tool which is applied to a high level definition of the protocol. The tool converts the definition to executable form, such as computer source code, and also applies reverse-engineering countermeasures to the protocol definition as now expressed in source code, to prevent hackers from recovering useful details of the protocol. This conversion process also allows preservation of backwards version compatibility of the protocol definition.
摘要翻译: 在计算机科学领域,通信协议(例如计算机网络协议)被黑客强化(安全)以防止黑客利用应用于协议的高级别定义的软件工具进行逆向工程攻击。 该工具将定义转换为可执行形式,例如计算机源代码,并且还对源代码中表示的协议定义应用反向工程对策,以防止黑客恢复协议的有用细节。 此转换过程还允许保留协议定义的向后版本兼容性。
-
5.发明申请公开(公告)号:US20110055568A1
公开(公告)日:2011-03-03
申请号:US12551172
申请日:2009-08-31
申请人: Augustin J. FARRUGIA , Bertrand MOLLINIER TOUBLET , Gianpaolo FASOLI , Mathieu CIET , Jill SURDZIAL
发明人: Augustin J. FARRUGIA , Bertrand MOLLINIER TOUBLET , Gianpaolo FASOLI , Mathieu CIET , Jill SURDZIAL
IPC分类号: H04L9/00
CPC分类号: H04L63/0428 , H04L9/321 , H04L9/3218 , H04L9/3242 , H04L2209/603 , H04L2209/80
摘要: In the fields of data security and system reliability and qualification, this disclosure is of a method, system and apparatus for verifying or authenticating a device to a host using a zero-knowledge based authentication technique which includes a keyed message authentication code such as an HMAC or keyed cipher function and which operates on secret information shared between the host and the device. This is useful both for security purposes and also to make sure that a device such as a computer peripheral or accessory or component is qualified to be interoperable with the host.
摘要翻译: 在数据安全性和系统可靠性和资格认证领域中,本公开是一种用于使用基于零知识的认证技术来验证或认证到主机的设备的方法,系统和装置,其包括诸如HMAC之类的密钥化消息认证码 或密钥密码函数,并且操作在主机和设备之间共享的秘密信息。 这对于安全目的也是有用的,并且还确保诸如计算机外围设备或附件或组件的设备有资格与主机互操作。
-
公开(公告)号:US20100304805A1
公开(公告)日:2010-12-02
申请号:US12475337
申请日:2009-05-29
IPC分类号: A63F9/24
CPC分类号: G06F21/64
摘要: In the computer data security field, a cryptographic hash function process embodied in a computer system and which is typically keyless, but is highly secure. The process is based on the type of randomness exhibited by well known table “cue sports” games such as billiards, snooker, and pool played on a billiards table involving the players striking one of a plurality of balls with a cue, the struck ball then hitting other balls, the raised sides of the table, and in some cases one or more balls going into pockets in the corners and/or sides of the table. Computation of the hash value (digest) is the result of providing a model (such as expressed in computer code) of such a game algorithm and using the message as an input to the game algorithm, then executing the game algorithm. A state of the game after a “shot” gives the hash digest value.
摘要翻译: 在计算机数据安全领域中,加密散列函数过程体现在计算机系统中,并且通常是无钥匙的,但是是高度安全的。 该过程是基于众所周知的表“提示运动”游戏所显示的随机性类型,例如台球,斯诺克和在台球桌上玩的游泳池,其涉及玩家以提示的方式击打多个球中的一个,然后击球 击中其他球,桌子的凸起部分,以及在某些情况下一个或多个球进入桌子的角落和/或侧面的口袋。 哈希值(摘要)的计算是提供这种游戏算法的模型(例如以计算机代码表示)的结果,并且使用该消息作为游戏算法的输入,然后执行游戏算法。 “拍摄”后的游戏状态给出了散列摘要值。
-
公开(公告)号:US20090238360A1
公开(公告)日:2009-09-24
申请号:US12054249
申请日:2008-03-24
CPC分类号: G06F7/723 , G06F7/556 , G06F2207/5561 , H04L9/3013 , H04L9/302
摘要: Method and apparatus for data security using exponentiation. This is suitable for public key cryptography authentication and other data security applications using a one-way function. A type of exponentiation is disclosed here where the bits of an exponent value expressed in binary form correspond to a course (path) in a given graph defining the one-way function. This uses an approach called here F sequences. Each value is in a ladder of a sequence of values, as defined from its predecessor values. This ladder satisfies certain algebraic identities and is readily calculated by a computer program or logic circuitry.
摘要翻译: 使用取幂的数据安全的方法和装置。 这适用于使用单向功能的公钥加密认证和其他数据安全应用。 这里公开了一种取幂类型,其中以二进制形式表示的指数值的位对应于定义单向函数的给定图中的路线(路径)。 这使用一种称为F序列的方法。 每个值都位于一系列值的梯形图中,如其前导值所定义。 该梯子满足某些代数标识,并且可以由计算机程序或逻辑电路容易地计算出来。
-
公开(公告)号:US20120210303A1
公开(公告)日:2012-08-16
申请号:US13452144
申请日:2012-04-20
IPC分类号: G06F9/44
CPC分类号: H04L9/0612 , G06F7/00 , G06F21/125 , G06F2207/7252 , H04L9/002 , H04L2209/08 , H04L2209/12 , H04L2209/16
摘要: Disclosed herein are systems, methods, computer readable media and special purpose processors for obfuscating code. The method includes extracting an operation within program code, selecting a formula to perform the equivalent computation as the extracted operation, and replacing the extracted operation with the selected formula. The formula can be selected randomly or deterministically. The extracted operation can be an arithmetic operation or a Boolean operation.
摘要翻译: 本文公开了用于对代码进行混淆的系统,方法,计算机可读介质和专用处理器。 该方法包括提取程序代码内的操作,选择一个公式以执行与提取的操作等效的计算,并用所选公式替换提取的操作。 公式可以随机或确定地选择。 提取的操作可以是算术运算或布尔运算。
-
公开(公告)号:US20090271636A1
公开(公告)日:2009-10-29
申请号:US12109283
申请日:2008-04-24
IPC分类号: H04L9/06
CPC分类号: H04L9/0618 , H04L9/0656
摘要: Computer related method and apparatus to transmit a logical value (e.g., 1 or 0) between two entities, such as an operating system and application program, in a secure way in an insecure environment. The logical status is sent by in effect encrypting it using two random numbers, one from each entity, before sending it to the other entity. However the encrypting is much “lighter” (requiring much less computer or circuit resources) than any conventional secure cipher and has a built-in verification feature.
摘要翻译: 计算机相关方法和装置,以安全的方式在不安全的环境中传送诸如操作系统和应用程序的两个实体之间的逻辑值(例如,1或0)。 逻辑状态在发送给另一个实体之前通过实际加密来发送,使用两个随机数,一个来自每个实体。 然而,与任何传统的安全密码相比,加密比“更轻”(需要更少的计算机或电路资源),并具有内置的验证功能。
-
公开(公告)号:US20110055581A1
公开(公告)日:2011-03-03
申请号:US12551067
申请日:2009-08-31
IPC分类号: H04L9/32
CPC分类号: G06F21/64 , H04L9/3236
摘要: In the computer data security field, this disclosure is of cryptographic hash function processes embodied in a computer system and which may be keyless, but are highly secure. The processes are based on the type of randomness exhibited by painting or drawing a picture. Computation of the hash value (digest) is the result of executing in computer code or logic circuitry an algorithm which models such a picture painting process using the message as an input to the picture painting algorithm, then executing the algorithm. A state of the resulting picture gives the hash digest value of the message. Message expansion or a derivation function (e.g., a pseudo random number generation process) may be applied to the message prior to execution of the picture painting process, for enhanced security.
摘要翻译: 在计算机数据安全领域中,本公开是在计算机系统中体现的加密散列函数过程,其可以是无钥匙的,但是是高度安全的。 这些过程基于通过绘画或绘制图片显示的随机性类型。 哈希值(摘要)的计算是在计算机代码或逻辑电路中执行使用该消息作为图片绘画算法的输入来对这样的图片绘画过程进行建模的算法的结果,然后执行该算法。 所得图像的状态给出消息的散列摘要值。 消息扩展或导出功能(例如,伪随机数生成处理)可以在执行画面绘制处理之前应用于消息,以增强安全性。
-
-
-
-
-
-
-
-
-
搜索结果
13 条记录 (耗时 0.025 秒)
