| The computer is one of the greatest science and technology inventions, with the rapiddevelopment of computer technology, the application of computer software is also widely.As the carrier of information, software including the daily private data and significantcommercial value. Software security has become an important part of the national securitystrategy; its security should be given enough attention.Software crackers can get the key information of software by reverse engineering andbasis this can achieve the purpose, software tampering and copying. So how to take effectivemeasures to ensure the safety of the software is very important. Software tamper resistance isan important technology of software protection, by inserting the integrity verification moduleto achieve the purpose. Can respond to the attacker’s tamper, and prevent the software frombeing tampered and used. No need to modify the underlying hardware, easy to implement,low overhead and high security algorithm.This thesis mainly aims at researching the control flow integrity of tamper resistancetechnology, in order to improve the software tamper resistant strength, and solve the problemthat the response and judgment vulnerable to attack, proposed a tamper proof scheme basedon integrity verification. The main work of this paper is as follows:Firstly, briefly introduced the software reverse engineering and tamper resistancetechnology, including static analysis, dynamic analysis, research status of tamper resistance,definition, classification and effectiveness evaluation. Specifically studied the control flowintegrity, software guards, code encryption, oblivious hashing.Secondly, elaborated the sharing principles, proposed a tamper proofing scheme based onintegrity checking. The software is divided into several blocks and protected by variousencryption methods. The Hash value can be got by checking the control-flow, and then it canbe used to calculate each sub secret key through the key generation function that hiding in the program with the register code and user ID. It does not need to modify underlying devices,easy to achieve, small overhead and strong security are proved through theoretical analysisand experimental results.Then, briefly introduced the relative knowledge of encryption strength, analyzed the timethat the attacker cracked software, and use this theory to verify the validity of this paper’sscheme.Finally, detailedly analyzed the anti-attack capability of the improved tamper proofingscheme, concealment and overhead, the experiments verified the effectiveness of the tamperproofing scheme based on integrity checking. |
PDF Full Text Request